Targeting of high-profile government, aviation, energy, telecoms and banking-sector entities in the Middle East and North Africa
Date of report
  • April 2023
MuddyWater ran a phishing campaign that likely began in July 2021 against high-profile government, aviation, banking-sector, energy, and telecommunications entities in the Middle East and North Africa.
Suspected victims
  • High-profile government, aviation, energy, telecommunications companies and banking-sector entities in Armenia, Azerbaijan, Bahrain, Canada, Egypt, Israel, Jordan, Kuwait, Malaysia, Saudi Arabia, Syria, Turkey, and the United Arab Emirates
Suspected state sponsor
  • Iran (Islamic Republic of)
Type of incident
  • Espionage
Target category
  • Government
  • Private sector
  • Civil society
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response