A direct operational link between Iran’s MuddyWater espionage group and the Russian TAG-150 CastleRAT malware-as-a-service (MaaS) platform, showing how state and criminal ecosystems are now tightly intertwined. Investigators recovered 15 malware samples, including at least two CastleRAT “builds” and a PowerShell script named reset.ps1 that deploys a previously undocumented JavaScript/Node.js agent dubbed ChainShell. On this server, two native […]
The post Hackers Tie Iranian Espionage to CastleRAT and ChainShell appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: