{"id":1882,"date":"2026-03-10T09:59:30","date_gmt":"2026-03-10T09:59:30","guid":{"rendered":"https:\/\/www.tsfactory.com\/forums\/?p=1882"},"modified":"2026-03-10T09:59:30","modified_gmt":"2026-03-10T09:59:30","slug":"iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity","status":"publish","type":"post","link":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/","title":{"rendered":"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity"},"content":{"rendered":"<p>The Iranian advanced persistent threat group known as Seedworm \u2014 also tracked as MuddyWater, Temp Zagros, and Static Kitten \u2014 has been found actively operating inside the networks of multiple U.S. organizations since early February 2026, raising serious alarms across the cybersecurity community.<\/p>\n<p>The group\u2019s intensified activity follows the coordinated U.S. and Israeli military strikes on Iran on February 28, 2026, which led to the death of Iran\u2019s Supreme Leader and dramatically escalated regional tensions.<\/p>\n<p>Iran\u2019s response has not been limited to conventional military retaliation; its cyber operatives appear to have used the rising conflict as a direct trigger to accelerate intrusions against American and allied targets.<\/p>\n<p>Seedworm has been active since at least 2017 and is formally classified by CISA as a subordinate element of Iran\u2019s Ministry of Intelligence and Security (MOIS).<\/p>\n<p>Over the years, the group has shifted its targeting focus from the Middle East to include telecommunications companies, defense contractors, local governments, and oil and natural gas organizations across Asia, Africa, Europe, and North America.<\/p>\n<p>The group develops its own custom malware while also leveraging legitimate dual-use tools, allowing it to blend quietly into normal network environments.<\/p>\n<p><a id=\"https:\/\/www.security.com\/threat-intelligence\/iran-cyber-threat-activity-us\" href=\"https:\/\/www.security.com\/threat-intelligence\/iran-cyber-threat-activity-us\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Symantec researchers identified intrusion activity<\/a>\u00a0on the networks of a U.S. bank, a U.S. airport, a software company with defense and aerospace industry ties, and non-governmental organizations in both the U.S. and Canada.<\/p>\n<p>The software company\u2019s Israeli operations appeared to be the primary focus in that intrusion, with Seedworm seemingly using the company\u2019s global presence as a lateral access bridge.<\/p>\n<p>Notably, these breaches were already underway before the military conflict formally began, suggesting the group had been quietly positioning itself inside high-value networks well in advance of the escalation.<\/p>\n<p>The UK\u2019s National Cyber Security Centre issued a formal alert warning that Iranian state-aligned actors \u201calmost certainly currently maintain at least some capability to conduct cyber activity,\u201d even with the ongoing disruption to internet infrastructure inside Iran itself.<\/p>\n<p><a href=\"https:\/\/cybersecuritynews.com\/iran-linked-hackers-target-u-s-critical-infrastructure\/\">Read the Full Story Here<\/a><\/p>\n<p>Source: Cybersecurity News<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Iranian advanced persistent threat group known as Seedworm \u2014 also tracked as MuddyWater, Temp Zagros, and Static Kitten \u2014 has been found actively operating inside the networks of multiple U.S. organizations since early February 2026, raising serious alarms across the cybersecurity community. The group\u2019s intensified activity follows the coordinated U.S. and Israeli military strikes [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1334,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1882","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity - Community<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity - Community\" \/>\n<meta property=\"og:description\" content=\"The Iranian advanced persistent threat group known as Seedworm \u2014 also tracked as MuddyWater, Temp Zagros, and Static Kitten \u2014 has been found actively operating inside the networks of multiple U.S. organizations since early February 2026, raising serious alarms across the cybersecurity community. The group\u2019s intensified activity follows the coordinated U.S. and Israeli military strikes [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/\" \/>\n<meta property=\"og:site_name\" content=\"Community\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/TSFactoryLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-10T09:59:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"853\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chelsie Wyatt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:site\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chelsie Wyatt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/\",\"name\":\"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity - Community\",\"isPartOf\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\",\"datePublished\":\"2026-03-10T09:59:30+00:00\",\"author\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#primaryimage\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\",\"contentUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg\",\"width\":1280,\"height\":853},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.tsfactory.com\/forums\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/\",\"name\":\"Community\",\"description\":\"TSFactory\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\",\"name\":\"Chelsie Wyatt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"caption\":\"Chelsie Wyatt\"},\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity - Community","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/","og_locale":"en_US","og_type":"article","og_title":"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity - Community","og_description":"The Iranian advanced persistent threat group known as Seedworm \u2014 also tracked as MuddyWater, Temp Zagros, and Static Kitten \u2014 has been found actively operating inside the networks of multiple U.S. organizations since early February 2026, raising serious alarms across the cybersecurity community. The group\u2019s intensified activity follows the coordinated U.S. and Israeli military strikes [&hellip;]","og_url":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/","og_site_name":"Community","article_publisher":"https:\/\/www.facebook.com\/TSFactoryLLC\/","article_published_time":"2026-03-10T09:59:30+00:00","og_image":[{"width":1280,"height":853,"url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg","type":"image\/jpeg"}],"author":"Chelsie Wyatt","twitter_card":"summary_large_image","twitter_creator":"@TSFactoryLLC","twitter_site":"@TSFactoryLLC","twitter_misc":{"Written by":"Chelsie Wyatt","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/","url":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/","name":"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity - Community","isPartOf":{"@id":"https:\/\/www.tsfactory.com\/forums\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#primaryimage"},"image":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#primaryimage"},"thumbnailUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg","datePublished":"2026-03-10T09:59:30+00:00","author":{"@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f"},"breadcrumb":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#primaryimage","url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg","contentUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2024\/08\/pexels-harold-vasquez-853421-2653362.jpg","width":1280,"height":853},{"@type":"BreadcrumbList","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/iran-linked-hackers-target-u-s-critical-infrastructure-amid-rising-cyber-threat-activity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.tsfactory.com\/forums\/"},{"@type":"ListItem","position":2,"name":"Iran-Linked Hackers Target U.S. Critical Infrastructure Amid Rising Cyber Threat Activity"}]},{"@type":"WebSite","@id":"https:\/\/www.tsfactory.com\/forums\/#website","url":"https:\/\/www.tsfactory.com\/forums\/","name":"Community","description":"TSFactory","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f","name":"Chelsie Wyatt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","caption":"Chelsie Wyatt"},"url":"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/"}]}},"_links":{"self":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1882","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/comments?post=1882"}],"version-history":[{"count":1,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1882\/revisions"}],"predecessor-version":[{"id":1883,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1882\/revisions\/1883"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media\/1334"}],"wp:attachment":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media?parent=1882"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/categories?post=1882"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/tags?post=1882"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}