The Iranian-backed MuddyWater hacking group is using a new malware implant called BugSleep to steal files and execute commands on compromised systems. Distributed via phishing emails posing as webinar invitations, BugSleep is injected into various applications such as Microsoft Edge and Google Chrome. The malware, discovered by Check Point Research, is under active development. MuddyWater, linked to Iran’s Ministry of Intelligence and Security, targets the government, airline, and media sectors globally, with a focus on Israel, and uses BugSleep alongside other tools for persistent access.