Targeting of network technology providers and organizations working with refugees in the Middle East

Date of report

October 2020

Affiliations

MuddyWater

Iranian hacking group MuddyWater exploited known Zerologon vulnerabilities to compromise servers used by organizations working with refugees in the Middle East.

Suspected victims

Network technology providers and organizations working with refugees in the Middle East

Suspected state sponsor

Iran (Islamic Republic of)

Type of incident

Espionage

Target category

Civil society
Private sector

Victim government reaction

Unknown

Microsoft Says Iranian Hackers Are Exploiting the Zerologon Vulnerability
ZeroLogon Is Now Detected by Microsoft Defender for Identity (CVE-2020-1472 Exploitation)

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events