WATCHFUL SPHINX is an Egypt state-nexus adversary that has been active since at least 2016. Historical WATCHFUL SPHINX activity, previously tracked as the GildedShovel activity cluster, relied on email phishing, credential harvesting, and mobile applications enabling surveillance. Contemporary activity indicates an expansion of their capabilities to include the custom Remote Access Tool (RAT) Stea...
Contact our team about
IOCs for this adversary