Threat Intelligence4 min read
MuddyWater Used Teams Screen-Sharing to Steal Creds, Deployed Ransomware as Cover
Iranian APT MuddyWater hijacked Microsoft Teams to harvest credentials via live screen-sharing, then dropped Chaos ransomware as a false flag to hide espionage. Rapid7 linked the campaign to 36 victims.
Alex KowalskiMay 8, 2026