Educated Manticore
MISP
Type:
Unknown
Unknown
Country:
IR
IR
First seen:
Unknown
Unknown
Details:
Educated Manticore is an Iranian APT group aligned with the Islamic Revolutionary Guard Corps, primarily engaged in espionage targeting government, military, and academic sectors. The group employs spear-phishing tactics, utilizing custom backdoors like POWERLESS and phishing kits designed as SPAs to harvest credentials. Their operations have included impersonating credible figures to lure victims and using ISO images to initiate infection chains. Educated Manticore's activities are characterized by rapid domain setup and aggressive spear-phishing campaigns, particularly against Israeli individuals.
References (3)
- research.checkpoint.com - Iranian Educated Manticore Targets Leading Tech Academics
- blog.checkpoint.com - Check Point Research Uncovers Rare Techniques Used By Iranian Affiliated Threat Actor Targeting Israeli Entities
- research.checkpoint.com - Educated Manticore Iran Aligned Threat Actor Targeting Israel Via Improved Arsenal Of Tools
Metadata
| ID: | 956 |
| Created: | 22/01/2026 04:00 |
| Updated: | 07/03/2026 16:00 |