IR

Educated ManticoreEducated Manticore

Also known as: Educated Manticore

Origin
IR
Known aliases
1

Profile

Educated Manticore is an Iranian APT group aligned with the Islamic Revolutionary Guard Corps, primarily engaged in espionage targeting government, military, and academic sectors. The group employs spear-phishing tactics, utilizing custom backdoors like POWERLESS and phishing kits designed as SPAs to harvest credentials. Their operations have included impersonating credible figures to lure victims and using ISO images to initiate infection chains. Educated Manticore's activities are characterized by rapid domain setup and aggressive spear-phishing campaigns, particularly against Israeli individuals.

Aliases· 1

Educated Manticore

References

  1. https://research.checkpoint.com/2025/iranian-educated-manticore-targets-leading-tech-academics
  2. https://blog.checkpoint.com/security/check-point-research-uncovers-rare-techniques-used-by-iranian-affiliated-threat-actor-targeting-israeli-entities/
  3. https://research.checkpoint.com/2023/educated-manticore-iran-aligned-threat-actor-targeting-israel-via-improved-arsenal-of-tools/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Void Manticore
Actor
Scarred Manticore
Actor
LYCEUM
Actor
Pink Sandstorm
Actor
AridViper
Actor
APTIran
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.