HIGHRansomware
Global

Iranian government hackers using Chaos ransomware as cover, researchers say

·Source: The Record

Updated:

Executive Summary

Incident responders from cybersecurity firm Rapid7 published a report about a recent intrusion that initially appeared to be a Chaos ransomware attack but was later discovered to be an attack attributed to MuddyWater, an Iranian APT group tied to the country’s Ministry of Intelligence and Security (MOIS).

Analysis

Incident responders from cybersecurity firm Rapid7 published a report about a recent intrusion that initially appeared to be a Chaos ransomware attack but was later discovered to be an attack attributed to MuddyWater, an Iranian APT group tied to the country’s Ministry of Intelligence and Security (MOIS).
Source Attribution

Originally published by The Record on May 7, 2026.

Related Threats

HIGHRansomware

To pay, or not to pay: 58% of CISOs say they would pay the ransom for their data

If you were hit by ransomware tomorrow, would you pay to get your data back? That’s what more than half of CISOs in a recent survey said their organization would do. It’s a situation more companies are going to face in future. “Attacks are increasing and continuing to increase,” said Christy Wyatt , CEO of security vendor Absolute Software, which commissioned the survey. “Companies are better prep

CSO Online
HIGHRansomware

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. The disruption of First VPN Service was led by France and the Netherlands, with several other nations supporting the investigation since December

The Hacker News
HIGHRansomware

Police take down VPN service (this time with a good reason)

European authorities have cracked down on a VPN that has been used for various criminal activities. The operation, led by investigators in France and the Netherlands with help from Europol and Eurojust, has dismantled First VPN, a service that has been heavily promoted within Russia as a way of evading law enforcement. Criminals used it to conceal their identities and infrastructure while carrying

CSO Online