{"id":125340,"date":"2025-12-04T11:35:51","date_gmt":"2025-12-04T03:35:51","guid":{"rendered":"https:\/\/version-2.com\/?p=125340"},"modified":"2025-12-04T11:38:55","modified_gmt":"2025-12-04T03:38:55","slug":"irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2025\/12\/irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers\/","title":{"rendered":"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"125340\" class=\"elementor elementor-125340\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-71ae5294 post-content elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"71ae5294\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4a899f&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1e9119cd\" data-id=\"1e9119cd\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4f04f8cb elementor-widget elementor-widget-text-editor\" data-id=\"4f04f8cb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div id=\"content-c12266556\" class=\"frame frame-default frame-type-text frame-layout-0\"><ul><li>ESET researchers have identified new MuddyWater (Iran-aligned cyberespionage group) activity primarily targeting critical infrastructure organizations in Israel, with one confirmed target in Egypt.<\/li><li>The group used more advanced techniques to deploy MuddyViper, a new backdoor, by using a loader (Fooder) that reflectively loads it into memory and executes it.<\/li><li>ESET provides technical analyses of the tools used in this campaign.<\/li><\/ul><p><strong>MONTREAL, BRATISLAVA<\/strong> \u2014 <strong>December 2, 2025<\/strong> \u2014 ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. The victims in Israel were in the technology, engineering, manufacturing, local government, and educational sectors. MuddyWater, also referred to as Mango Sandstorm or TA450, is an Iran-aligned cyberespionage group known for its persistent targeting of government and critical infrastructure sectors, often leveraging custom malware and publicly available tools, and has links to the Ministry of Intelligence and National Security of Iran. In this campaign, the attackers deployed a set of previously undocumented, custom tools with the objective of improving defense evasion and persistence. New backdoor MuddyViper enables the attackers to collect system information, execute files and shell commands, transfer files, and exfiltrate Windows login credentials and browser data. The campaign leverages additional credential stealers. Among these tools is Fooder, a custom loader that masquerades as the classic Snake game.<\/p><p>In this campaign, initial access is typically achieved through spearphishing emails, often containing PDF attachments that link to installers for remote monitoring and management (RMM) software hosted on free file-sharing platforms such as OneHub, Egnyte, or Mega. These links lead to the download of tools including Atera, Level, PDQ, and SimpleHelp. Among the tools deployed by MuddyWater operators is also the VAX One backdoor, named after the legitimate software which it impersonates: Veeam, AnyDesk, Xerox, and the OneDrive updater service.<\/p><p>The group\u2019s continued reliance on this familiar playbook makes its activity relatively easy to detect and block. However, in this case, the group also used more advanced techniques to deploy MuddyViper, a new backdoor, by using a loader (Fooder) that reflectively loads MuddyViper into memory and executes it. Several versions of Fooder masquerade as the classic Snake game, hence the designation, MuddyViper. Another notable characteristic of Fooder is its frequent use of a custom delay function that implements the core logic of the Snake game, combined with \u201cSleep\u201d API calls. These features are intended to delay execution in an attempt to hide malicious behavior from automated analysis systems. Additionally, MuddyWater developers adopted CNG, the next-generation Windows cryptographic API, which is unique for Iran-aligned groups and somewhat atypical across the broader threat landscape. During this campaign, the operators deliberately avoided hands-on-keyboard interactive sessions, which is a historically noisy technique often characterized by mistyped commands. Thus, while some components remain noisy and easily detected, as is typical for MuddyWater, overall this campaign shows signs of technical evolution \u2013 increased precision, strategic targeting, and a more advanced toolset.<\/p><p>The post-compromise toolset also includes multiple credential stealers: CE-Notes, which targets Chromium-based browsers; LP-Notes, which stages and verifies stolen credentials; and Blub, which steals login data from Chrome, Edge, Firefox, and Opera browsers.<\/p><p>MuddyWater was first introduced to the public in 2017 by Unit 42, whose description of the group\u2019s activity is consistent with ESET\u2019s profiling \u2013 a focus on cyberespionage, the use of malicious documents as attachments designed to prompt users to enable macros and bypass security controls, and primarily targeting entities located in the Middle East.<\/p><p>Notable past activities include Operation Quicksand (2020), a cyberespionage campaign targeting Israeli government entities and telecommunications organizations, which exemplifies the group\u2019s evolution from basic phishing tactics to more advanced, multistage operations; and a campaign targeting political groups and organizations in T\u00fcrkiye, demonstrating the group\u2019s geopolitical focus, its ability to adapt social engineering tactics to local contexts, and reliance on modular malware and flexible C&amp;C infrastructure.<\/p><p>ESET has documented multiple campaigns attributed to MuddyWater that highlight the group\u2019s evolving toolset and shifting operational focus. In March and April 2023, MuddyWater targeted an unidentified victim in Saudi Arabia, and the group conducted a campaign in January and February 2025 that was notable for its operational overlap with Lyceum (an OilRig subgroup). This cooperation suggests that MuddyWater may be acting as an initial access broker for other Iran-aligned groups.<\/p><p>For a more detailed analysis of the latest MuddyWater campaign, check out the latest ESET Research blogpost \u201c<a href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/muddywater-snakes-riverbank\/\" target=\"_blank\" rel=\"noopener\">MuddyWater: Snakes by the riverbank<\/a>\u201d on WeLiveSecurity.com.\u00a0Make sure to follow <a href=\"https:\/\/twitter.com\/ESETresearch\" target=\"_blank\" rel=\"noopener\">ESET Research on Twitter (today known as X)<\/a>, <a href=\"https:\/\/bsky.app\/profile\/esetresearch.bsky.social\" target=\"_blank\" rel=\"noopener\">BlueSky<\/a>, and <a href=\"https:\/\/infosec.exchange\/@ESETresearch\" target=\"_blank\" rel=\"noopener\">Mastodon<\/a> for the latest news from ESET Research.<\/p><p class=\"align-center\"><em><strong>Overview of Fooder loading MuddyViper or other supported payloads<\/strong><\/em><\/p><p class=\"align-center\"><em><strong><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/web-assets.eset.com\/fileadmin\/ESET\/INT\/OG_images\/ESET_Research\/MuddyWater_Snake.png\" alt=\"\" width=\"526\" height=\"342\" \/><br \/><\/strong><\/em><\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a1b0f4 elementor-widget elementor-widget-shortcode\" data-id=\"1a1b0f4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18159\" class=\"elementor elementor-18159\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-73b4cd0 elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"73b4cd0\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8d19c1e\" data-id=\"8d19c1e\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-8865cce elementor-widget elementor-widget-text-editor\" data-id=\"8865cce\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>About ESET<\/strong><br \/>For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&amp;D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>ESET researchers have identified new MuddyWater (Iran-a [&hellip;]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1305,40,61],"tags":[41,1077],"class_list":["post-125340","post","type-post","status-publish","format-standard","hentry","category-1305","category-eset","category-press-release","tag-eset","tag-1077"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers - Version 2\" \/>\n<meta property=\"og:description\" content=\"ESET researchers have identified new MuddyWater (Iran-a [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-04T03:35:51+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-04T03:38:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/web-assets.eset.com\/fileadmin\/ESET\/INT\/OG_images\/ESET_Research\/MuddyWater_Snake.png\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/12\\\/irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers\",\"datePublished\":\"2025-12-04T03:35:51+00:00\",\"dateModified\":\"2025-12-04T03:38:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/12\\\/irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers\\\/\"},\"wordCount\":778,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/web-assets.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/ESET_Research\\\/MuddyWater_Snake.png\",\"keywords\":[\"ESET\",\"2025\"],\"articleSection\":[\"2025\",\"ESET\",\"Press Release\"],\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/12\\\/irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers\\\/\",\"url\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/\",\"name\":\"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/web-assets.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/ESET_Research\\\/MuddyWater_Snake.png\",\"datePublished\":\"2025-12-04T03:35:51+00:00\",\"dateModified\":\"2025-12-04T03:38:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#primaryimage\",\"url\":\"https:\\\/\\\/web-assets.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/ESET_Research\\\/MuddyWater_Snake.png\",\"contentUrl\":\"https:\\\/\\\/web-assets.eset.com\\\/fileadmin\\\/ESET\\\/INT\\\/OG_images\\\/ESET_Research\\\/MuddyWater_Snake.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/","og_locale":"zh_HK","og_type":"article","og_title":"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers - Version 2","og_description":"ESET researchers have identified new MuddyWater (Iran-a [&hellip;]","og_url":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/","og_site_name":"Version 2","article_published_time":"2025-12-04T03:35:51+00:00","article_modified_time":"2025-12-04T03:38:55+00:00","og_image":[{"url":"https:\/\/web-assets.eset.com\/fileadmin\/ESET\/INT\/OG_images\/ESET_Research\/MuddyWater_Snake.png","type":"","width":"","height":""}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"5 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2025\/12\/irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers","datePublished":"2025-12-04T03:35:51+00:00","dateModified":"2025-12-04T03:38:55+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2025\/12\/irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers\/"},"wordCount":778,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#primaryimage"},"thumbnailUrl":"https:\/\/web-assets.eset.com\/fileadmin\/ESET\/INT\/OG_images\/ESET_Research\/MuddyWater_Snake.png","keywords":["ESET","2025"],"articleSection":["2025","ESET","Press Release"],"inLanguage":"zh-HK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2025\/12\/irans-muddywater-targets-critical-infrastructure-in-israel-and-egypt-masquerades-as-snake-game-eset-research-discovers\/","url":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/","name":"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#primaryimage"},"image":{"@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#primaryimage"},"thumbnailUrl":"https:\/\/web-assets.eset.com\/fileadmin\/ESET\/INT\/OG_images\/ESET_Research\/MuddyWater_Snake.png","datePublished":"2025-12-04T03:35:51+00:00","dateModified":"2025-12-04T03:38:55+00:00","breadcrumb":{"@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#primaryimage","url":"https:\/\/web-assets.eset.com\/fileadmin\/ESET\/INT\/OG_images\/ESET_Research\/MuddyWater_Snake.png","contentUrl":"https:\/\/web-assets.eset.com\/fileadmin\/ESET\/INT\/OG_images\/ESET_Research\/MuddyWater_Snake.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/iran-muddywater-critical-infrastructure-israel-egypt-snake-game-eset-research\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Iran\u2019s MuddyWater targets critical infrastructure in Israel and Egypt, masquerades as Snake game \u2013 ESET Research discovers"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-wBC","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/125340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=125340"}],"version-history":[{"count":7,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/125340\/revisions"}],"predecessor-version":[{"id":125347,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/125340\/revisions\/125347"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=125340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=125340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=125340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}