| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Educated Manticore is an Iranian APT group aligned with the Islamic Revolutionary Guard Corps, primarily engaged in espionage targeting government, military, and academic sectors. The group employs spear-phishing tactics, utilizing custom backdoors like POWERLESS and phishing kits designed as SPAs to harvest credentials. Their operations have included impersonating credible figures to lure victims and using ISO images to initiate infection chains. Educated Manticore's activities are characterized by rapid domain setup and aggressive spear-phishing campaigns, particularly against Israeli individuals.
There are currently no families associated with this actor.
| 2025-06-25
⋅
Check Point Research
⋅
Iranian Educated Manticore Targets Leading Tech Academics Educated Manticore |
| 2023-04-25
⋅
Check Point Research
⋅
Check Point Research uncovers rare techniques used by Iranian-affiliated threat actor, targeting Israeli entities Educated Manticore |
| 2023-04-25
⋅
Check Point Research
⋅
Educated Manticore – Iran Aligned Threat Actor Targeting Israel via Improved Arsenal of Tools Educated Manticore |