1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Iranian hacker group deploys malicious Snake game to target Egypt

    From TechnologyDaily@1337:1/100 to All on Wednesday, December 03, 2025 17:00:07
    Iranian hacker group deploys malicious Snake game to target Egyptian and Israeli critical infrastructure

    Date:
    Wed, 03 Dec 2025 16:44:00 +0000

    Description:
    MuddyWater has deployed more sophisticated techniques and malware in a string of attacks targeting Israel and Egypt.

    FULL STORY ======================================================================An Iranian-aligned group is targeting Israeli and Egyptian infrastructure The group's previous attacks have been noisy and easy to detect New techniques
    and malware have been deployed

    An Iranian-aligned hacking group tracked as 'MuddyWater' has dramatically shifted tactics in attacks against Israeli and Egyptian critical infrastructure.

    Previous campaigns by the group, observed by ESET Research, were characteristically noisy in their tactics, techniques, and procedures (TTPs) making them easily detectable.

    However, the group has begun employing a new backdoor deployed via the Fooder loader, which often disguises itself as the classic Snake game. MuddyVipers, snakes, and ladders

    The attacks have typically targeted Israeli telecommunications, governmental, and oil and energy sectors. In this campaign, MuddyWater began by
    distributing spearphishing emails with PDF attachments linking to free remote monitoring and management (RMM) software, with the install files hosted on OneHub, Egnyte, Mega, and other free file hosting services.

    Rather than installing legitimate RMM software, the files instead install loaders through which attackers can deploy backdoors. In the attacks observed by ESET, a newly identified loader known as Fooder deploys the MuddyViper backdoor.

    Fooder has a unique characteristic - it often masquerades as the Snake game. This technique is more than just a disguise, as the core logic of Snake provides the loader with a custom delay function, allowing it to hide its
    true function from analysis.

    The MuddyViper backdoor is also previously unobserved. Written in the C/C++ programming language, MuddyViper is capable of collecting system information, downloading and uploading files, executing files and shell commands, and stealing Windows credentials and browser data by displaying a fake Windows Security dialog. (Image credit: ESET Research)

    The MuddyWater campaign targeted 17 organizations in Israel across a range of sectors including engineering, local government, manufacturing, technology, transportation, utilities, and universities. The group also targeted an Egyptian organization in the tech sector.

    For greater insight into the MuddyWater campaign, as well as indicators of compromise, take a look at ESETs ' MuddyWater: Snakes by the riverbank ' research.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/iranian-hacker-group-deploys-malicious- snake-game-to-target-egyptian-and-israeli-critical-infrastructure


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)