Watchful Sphinx

Egypt

Details

WATCHFUL SPHINX is an Egypt state-nexus adversary that has been active since at least 2016. Historical WATCHFUL SPHINX activity, previously tracked as the GildedShovel activity cluster, relied on email phishing, credential harvesting, and mobile applications enabling surveillance. Contemporary activity indicates an expansion of their capabilities to include the custom Remote Access Tool (RAT) Stea...

Community Identifiers

DY7c6yrVzije4dN

Objective

  • r8L9VMyt562FSiRw7HgUWB4

Motivation

  • k4PSglME5BCe6q7

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.