Threats Tagged 'ssh tunnel'
View all threats tagged with 'ssh tunnel'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'ssh tunnel'
Click on any threat for detailed analysis and mitigation recommendations
Unmasking an Attack Chain of MuddyWater 0 An intrusion attributed to MuddyWater, an Iranian-linked APT, was identified in a customer environment. The attack involved initial access through RDP, establishing an SSH tunnel, and deploying malware via DLL side-loading. The threat actor used FMAPP.exe, a legitimate Fortemedia Inc.application, to load a malicious FMAPP.dll for C2 communications. The timeline of activities revealed typos in commands, suggesting manual typing by the attacker. The intrusion included reconnaissance efforts, attempts to verify tunnel functionality, and issues with initial C2 communication. The attack targeted an Israeli company, aligning with known MuddyWater tactics. Join the discussion | AlienVault OTX General | 03/07/2026, 09:44:29 UTC Added: 03/09/2026, 10:51:51 UTC |
Showing 1 to 1 of 1 result