Compared to previous campaigns, this time MuddyWater changed their infection chain and did not rely on the legitimate Atera remote monitoring and management tool (RMM) as a validator... Instead, we observed that they used a new and undocumented implant.
MuddyWater places a high priority on gaining access to business email accounts as part of their ongoing attack campaigns... These compromised accounts serve as valuable resources, enabling the group to enhance the cre.