MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

Published: 5 days ago (May 6, 2026 at 09:00 AM EDT)

1 min read

Source: The Hacker News

MuddyWater ransomware “false flag” attack

The Iranian state‑sponsored hacking group known as MuddyWater (also referred to as Mango Sandstorm, Seedworm, and Static Kitten) has been attributed to a ransomware attack described as a “false flag” operation.

The attack, observed by Rapid7 in early 2026, leveraged social‑engineering techniques via Microsoft Teams to initiate the infection sequence.

Back to Blog

Cyber Immunity in the AI Era

'Presentation Overview Adapted from Sasha Le’s keynote Senior Engineer, Tide Foundation at the launch of the RMIT AWS Innovation Lab RAIL – 21 April 2026.

Trellix source code breach claimed by RansomHouse hackers or RansomHouse hackers claim Trellix source code breach

!https://www.bleepstatic.com/content/hl-images/2026/05/08/TrellixRansomHouse.jpg Overview The RansomHouse threat group has claimed responsibility for the recent...

ADT says customer data stolen in cyber intrusion

Incident Overview The home security company ADT reported that cybercriminals breached its systems on Monday, stealing a “limited set” of customer and prospecti...

DOJ says ransomware gang tapped into Russian government databases

Sentencing of Deniss Zolotarjovs A U.S. court sentenced Latvian hacker Deniss Zolotarjovs to more than eight years in prison after convicting him of conducting...

MuddyWater ransomware “false flag” attack

Related posts

Cyber Immunity in the AI Era

Trellix source code breach claimed by RansomHouse hackers or RansomHouse hackers claim Trellix source code breach

ADT says customer data stolen in cyber intrusion

DOJ says ransomware gang tapped into Russian government databases