Hacker group MuddyWater carried out a targeted attack on government institutions of Azerbaijan, according to the Kaspersky Lab’s report.
The review provides a sample of a phishing document created to attack the Ministry of Internal Affairs of Azerbaijan.
MuddyWater’s attacks are based on social engineering to convince users to activate macros. The attackers rely on a number of vulnerable hosts to deliver their attacks.
This hacker group appeared in 2017 and was originally aimed at government facilities in Saudi Arabia and Iraq. Recently, however, it has targeted the state institutions of Azerbaijan, Turkey, Pakistan, Jordan, the Middle East, Europe and the US.
Recently, Mali, Austria, Russia, Iran and Bahrain have also become victims of MuddyWater attacks. The attack is carried out mainly on government and military facilities, telecommunications operators and educational institutions.
The attacks of the group have increased since early 2018. The greatest activity has been observed since May, the attacks are still ongoing.