Operation Quicksand

A cyber espionage campaign aimed at organizations in Israel and around the world was discovered and attributed to the MuddyWater threat actor. Two primary attack vectors were used during the operation to install the PowGoop malicious software including exploiting flaws in Microsoft software and sending decoy documents through spam emails. The various tools and techniques used during the attacks were web shells, backdoors, droppers, macros, and PowerShell and VBA code.