Watchful Sphinx

Egypt

Details

WATCHFUL SPHINX is an Egypt state-nexus adversary that has been active since at least 2016. Historical WATCHFUL SPHINX activity, previously tracked as the GildedShovel activity cluster, relied on email phishing, credential harvesting, and mobile applications enabling surveillance. Contemporary activity indicates an expansion of their capabilities to include the custom Remote Access Tool (RAT) Stea...

Community Identifiers

IVb8MSYxAQcH3o9

Objective

  • cDf1z3sobQCUrE4ni7RX9pJ

Motivation

  • ZzYpm9G3aPUbS8q

Contact our team about
IOCs for this adversary

?

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Unlock the adversary universe

Thank you for your request!

A member of our team will be in touch shortly.

CrowdStrike logo