Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
1 min read
Summary
Palo Alto Networks’ Unit 42 has released a report into a threat group known as Muddled Libra, which at the intersection of social engineering and agile technology adaptation, poses a significant threat to even organisations with established cyber defences in place.
Muddled Libra was first seen targeting business process outsourcing firms serving high-value cryptocurrency holders, and has since moved into a ransomware affiliate model with extortion as its main goal.
Common tactics, techniques and procedures (TTPs) include social engineering of both end users and helpdesks, with the group often using artificial intelligence to spoof victims’ voices.
To counter Muddled Libra, organisations must introduce tight security controls, provide diligent user awareness training and maintain vigilant monitoring to counter this threat.
