{"id":220734,"date":"2026-03-06T15:05:00","date_gmt":"2026-03-06T20:05:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/06\/iran-linked-muddywater-deploys-dindoor-malware-against-u-s-organizations\/"},"modified":"2026-03-06T16:50:13","modified_gmt":"2026-03-06T21:50:13","slug":"iran-linked-muddywater-deploys-dindoor-malware-against-u-s-organizations","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/06\/iran-linked-muddywater-deploys-dindoor-malware-against-u-s-organizations\/","title":{"rendered":"Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations"},"content":{"rendered":"

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations<\/a><\/p>\n

https:\/\/securityaffairs.com\/189060\/apt\/iran-linked-muddywater-deploys-dindoor-malware-against-u-s-organizations.html?amp<\/a><\/p>\n

Publish Date: 2026-03-06 15:05:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ March 06, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

Iran-linked APT MuddyWater targeted U.S. organizations, deploying the new Dindoor backdoor across sectors including banks, airports, and nonprofits.<\/h2>\n

Broadcom\u2019s Symantec Threat Hunter Team uncovered a campaign by the Iran-linked MuddyWater \u00a0(aka\u00a0SeedWorm,\u00a0TEMP.Zagros,\u00a0Mango Sandstorm,\u00a0TA450, and\u00a0Static Kitten) APT group targeting several U.S. organizations. <\/p>\n

\u201cActivity associated with Iranian APT group Seedworm has been spotted on the networks of multiple U.S. companies. The activity began in February 2026 and has continued in recent days.\u201d reads the report<\/strong> published by Broadcom\u2019s Symantec.<\/p>\n

The group deployed a new backdoor called Dindoor and infiltrated networks across multiple sectors, including banks, airports, nonprofits, and the Israeli branch of a software company.<\/p>\n

The first\u00a0MuddyWater\u00a0campaign was\u00a0observed\u00a0in late 2017, when the APT group targeted entities in the Middle East.<\/p>\n

Experts named the campaign \u2018MuddyWater\u2019 due to the difficulty in attributing a wave of attacks between February and October 2017, targeting entities in Saudi Arabia, Iraq, Israel, the United Arab Emirates, Georgia, India, Pakistan, Turkey, and the United States. Over the years, the group has evolved by adding new attack techniques to its arsenal and has also targeted European and North American countries.<\/p>\n

The group\u2019s victims are mainly in the telecommunications, government (IT services), and oil sectors.<\/p>\n

In January 2022, US Cyber Command (USCYBERCOM)\u00a0officially linked\u00a0the MuddyWater APT group to Iran\u2019s Ministry of Intelligence and Security (MOIS).<\/p>\n

The MuddyWater APT has targeted several organizations in the U.S. and Canada since early February 2026. Victims include a U.S. bank, an airport, nonprofits, and a software supplier to the defense and aerospace sectors…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations https:\/\/securityaffairs.com\/189060\/apt\/iran-linked-muddywater-deploys-dindoor-malware-against-u-s-organizations.html?amp Publish Date: 2026-03-06 15:05:00 Source Domain:…<\/p>\n","protected":false},"author":1,"featured_media":220735,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2015\/03\/iran-cyber-attacks1.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[32],"class_list":["post-220734","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220734"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=220734"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220734\/revisions"}],"predecessor-version":[{"id":220736,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220734\/revisions\/220736"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/220735"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=220734"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=220734"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=220734"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}