Iran-Backed MuddyWater’s Campaign Abuses Syncro Admin Tool


MuddyWater, an Iranian-backed threat group, has changed its strategy and is now employing the remote administration tool Syncro to take control of target machines.

A fully functional remote access platform, Syncro is used by managed service provider operations. Even a 21-day free trial is available for the tool.

MuddyWater had employed a separate legitimate remote administration tool by the name of RemoteUtilities prior to this latest campaign, which researchers from Deep Instinct believe started sometime in September.

Also Read: Three Key Areas in Enterprise Cybersecurity to Focus on Before Entering 2023

A new Deep Instinct report details MuddyWater attacks on an Egyptian data hosting company, and on Israeli hospitality and insurance industries.

Read More: Iran-Backed MuddyWater’s Latest Campaign Abuses Syncro Admin Tool

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates