MERCURY is an advanced persistent threat (APT) that has carried out cyber attacks against various organizations, including government agencies and defense contractors. It is believed to have originated from China's People's Liberation Army (PLA). MERCURY uses a combination of malware tools and techniques such as spear-phishing emails, watering hole attacks, and remote access Trojans (RATs) to gain unauthorized access to targeted systems. It is considered one of the most sophisticated APTs ever discovered due to its ability to evade detection by antivirus software and other security measures.
Techniques, tactics and practices:
MERCURY is also known for evading detection by antivirus software and other security measures through stealth techniques such as using encrypted communication channels and avoiding common attack patterns. It has been observed conducting reconnaissance activities, exfiltrating sensitive data from compromised systems, and establishing persistent access for future exploitation.