A well-known tactic that helps attackers sidestep detection has been observed in spam messages that deploy Emotet.
Researchers believe that China-linked threat group APT41 is behind the highly targeted attack.
The U.S. government gave details on 17 MuddyWater samples and linked the threat group to the Iranian intelligence service.
The Iran-linked threat actor is exploiting the infamous Log4j bug in order to execute a new PowerShell data exfiltration toolkit.
Proofpoint's Sherrod DeGrippo discusses the top malware trends of the past year, including Emotet's takedown and eventual return.