Verticals Targeted: Government Regions Targeted: Middle East, North Africa Related Families: Phoenix, FakeUpdate Executive Summary A sophisticated phishing operation has been attributed to the Iran-linked APT MuddyWater, deploying an updated Phoenix backdoor to conduct espionage against government and international entities. The campaign leverages compromised mailboxes and macro-enabled Word documents to deliver custom injectors and persistence mechanisms, highlighting the group's reliance on...| PolySwarm Main Blog