Tag: bugsleep
2 attack reports | 0 vulnerabilities
Attack reports
Writing a BugSleep C2 server and detecting its traffic with Snort
This analysis focuses on the BugSleep implant, also known as MuddyRot, a remote access tool that provides reverse shell and file I/O capabilities. The article details the process of reverse engineering BugSleep's protocol, creating a functional C2 server, and developing Snort rules for traffic dete…
Downloadable IOCs 0
New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns
An Iranian threat group known as MuddyWater, affiliated with the Ministry of Intelligence and Security, has significantly intensified its operations targeting Israel, Saudi Arabia, Turkey, Azerbaijan, India, and Portugal in recent months. The group consistently utilizes phishing campaigns originati…
Downloadable IOCs 50