Summary

The Iranian hacking group MuddyWater has initiated a cyber campaign named Operation Olalampo, targeting organizations and individuals in the Middle East and North Africa (MENA) region. The campaign, observed since January 26, 2026, involves the deployment of new malware families.

Key Points

• MuddyWater is also known as Earth Vetala, Mango Sandstorm, and MUDDYCOAST.
• The campaign is called Operation Olalampo.
• Targets are primarily located in the MENA region.
• The operation commenced on January 26, 2026.
• New malware families involved include GhostFetch, CHAR, and HTTP_VIP.

Analysis

The significance of this campaign lies in its focus on the MENA region, a strategic area for geopolitical interests. MuddyWater's use of new malware families indicates an evolution in their tactics, potentially increasing the threat level for organizations in the targeted regions. This highlights the need for enhanced cybersecurity measures and awareness among IT professionals in these areas.

Conclusion

IT professionals in the MENA region should prioritize updating their security protocols and monitoring systems for signs of the new malware families. Staying informed about the latest threat intelligence and sharing information across networks can help mitigate the risks posed by Operation Olalampo.