National Cyber Warfare Foundation (NCWF)

Earth Vetala


2024-06-18 15:21:31
blscott

Earth Vetala is an alternate name for the group known as MuddyWater.

Earth Vetala is an advanced persistent threat that targets organizations in various industries, including healthcare and finance. It has been active since at least 2015 and uses multiple techniques to evade detection by security systems. The group's main focus appears to be on stealing sensitive information such as financial data or personally identifiable information (PII). Earth Vetala is considered a high-level threat due to its sophistication, persistence, and ability to remain undetected for extended periods of time.

Techniques, tactics and practices:

Earth Vetala uses a variety of techniques to evade detection by security systems, including:

1. Spear phishing emails that contain malicious attachments or links. These are often tailored to the recipient's interests and may appear legitimate at first glance.
2. Malware downloaders disguised as legitimate software updates for popular programs such as Adobe Flash Player, Java, and Microsoft Office. Once installed on a victim's system, these downloaders can install additional malware or provide remote access to the compromised machine.
3. Watering hole attacks that target specific websites frequented by employees of targeted organizations. These sites may be infected with exploits for vulnerabilities in popular web browsers such as Internet Explorer and Chrome. Once a victim visits an infected site, their system can become compromised without them even realizing it.
4. Remote access tools (RATs) that allow attackers






Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.