Iranian APT MuddyWater Deployed Chaos Ransomware as a False Flag to Disguise State-Sponsored Espionage
Rapid7 links a Chaos ransomware intrusion in early 2026 to Iranian state-linked MuddyWater, finding no encryption deployed — only credential theft and data exfiltration under ransomware cover.
4 min read5 sources