Watchful Sphinx

Egypt

Details

WATCHFUL SPHINX is an Egypt state-nexus adversary that has been active since at least 2016. Historical WATCHFUL SPHINX activity, previously tracked as the GildedShovel activity cluster, relied on email phishing, credential harvesting, and mobile applications enabling surveillance. Contemporary activity indicates an expansion of their capabilities to include the custom Remote Access Tool (RAT) Stea...

Community Identifiers

Tk8FD0KSVywgIPo

Objective

  • yrfa3KhGZsEiTupWJB1tbY2

Motivation

  • x8giJEZwlXk40DB

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo