Advanced Threats
March 15, 20261 min read98
MuddyWater Infiltration Campaign Uncovered: Iranian Group Targets Jordan, Turkey and Azerbaijan
The MuddyWater group, backed by Iran's Ministry of Intelligence, deployed new backdoors against targets in Jordan, Turkey and Azerbaijan in a long-term espionage campaign.
By Titan Layer Editorial Team
Published on March 15, 2026
Source: —
Security researchers uncovered a new campaign by the MuddyWater group — an advanced threat actor sponsored by Iran's Ministry of Intelligence and Security (MOIS) — targeting government and defense organizations in Jordan, Turkey and Azerbaijan.
The campaign deployed two new custom backdoors: BugSleep (a lightweight implant establishing encrypted C2 communication) and Velho (a more sophisticated Python-based backdoor capable of screenshots, keylogging and persistent access).
The campaign uses spear-phishing with legitimate document formats in local languages, impersonating government communications. This reflects growing geopolitical tensions and serves as a warning for organizations in countries with tense relations with Iran.
Article information
Editorial author:Titan Layer Editorial Team
Original source:—
Original publisher:—
Original author:—
Original publication date:—
Reference link:—
Titan Layer publication date:March 15, 2026
Content type:Curated summary and editorial analysis
#iran#APT#muddywater#backdoor#espionagem
Share this article
Related Articles
Cyber Crime
Deep#Door Backdoor: A Sophisticated Threat for Espionage and Disruption
Titan Layer
3d ago
Cyber Crime
Iranian Cyber Group Handala Targets US Troops in Bahrain
Titan Layer
5d ago
Malware
Threat Actor UNC6692 Uses Microsoft Teams to Deploy New 'Snow' Malware
Titan Layer
4/25/2026