Analysis of MuddyWater’s recent phishing attack activities

In recent operations, the MuddyWater group has conducted phishing attacks by disguising malicious content as PDFs and macro-enabled documents, delivering customized backdoors such as UDPGangster and Phoenix. These activities demonstrate covert, tailored infiltration techniques targeting the Middle East as well as Europe and the United States, with continuous iterations of attack payloads to evade detection.