Today, cybersecurity sources reported that Iran’s “MuddyWater” hacker group has launched a new attack campaign targeting Turkiye, Israel, and Azerbaijan. The attacks make use of a new malicious program called “UDPGangster,” applied by the group for the first time.

Axar.az reports that the attacks mainly spread through spear‑phishing emails. The messages appear to be sent on behalf of the Ministry of Foreign Affairs of the Turkish Republic of Northern Cyprus and are presented as invitations to a fake seminar titled “Presidential Elections and Results.”

When the attached Word document is opened and macros are enabled, the malicious code runs and installs “UDPGangster” onto the system. When the document is opened, a fake notification prepared in the name of the telecom company “Bezeq” is shown to the user.

Experts say the primary targets are diplomatic institutions, state agencies, and critical sector organizations. It is believed that the attacks may expand in the coming days.

Cybersecurity specialists have advised users not to open unknown documents and not to enable macros.