TI Mindmap HUB
Threat Intelligence Report

ChainShell: MuddyWater’s Russian MaaS Link

April 12, 2026 | www.jumpsec.com | 3 CVE(s) referenced

JUMPSEC has uncovered conclusive evidence that the Iranian state actor MuddyWater is actively leveraging the Russian-developed TAG-150 CastleRAT malware-as-a-service. Using this commercial cybercrime platform gives the group advanced stealth and credential theft capabilities, significantly complicates attribution, and escalates the threat to Israeli and Western defense, energy, and government sectors.

vendor
CVE-2026-1281, CVE-2024-23113, CVE-2024-55591
