The Reveal Platform
Intel Name: Udpgangster campaigns target multiple countries
Date of Scan: December 8, 2025
Impact: High
Summary: UDPGangster is a UDP-based backdoor linked to the MuddyWater threat group, active in cyber-espionage across the Middle East. It enables remote control of infected systems, supporting command execution, file exfiltration, and payload delivery over stealthy UDP channels. Recent campaigns have targeted users in Turkey, Israel, and Azerbaijan. The malware is typically delivered via malicious Word documents containing VBA macros that trigger the payload when enabled. Collected samples show advanced anti-analysis features designed to detect and evade virtual environments and sandboxes.
