Void Manticore

Also known as: Void Manticore

Void Manticore is an Iranian APT group affiliated with MOIS, known for conducting destructive wiping attacks and influence operations. They collaborate with Scarred Manticore, sharing targets and conducting disruptive operations using custom wipers. Void Manticore’s TTPs involve manual file deletion, lateral movement via RDP, and the deployment of custom wipers like the BiBi wiper. The group utilizes online personas like ‘Karma’ and ‘Homeland Justice’ to leak information and amplify the impact of their attacks.

🌍 Country Iran

Introduction

Void Manticore is an Iranian APT group affiliated with MOIS, known for conducting destructive wiping attacks and influence operations. They collaborate with Scarred Manticore, sharing targets and conducting disruptive operations using custom wipers. Void Manticore’s TTPs involve manual file deletion, lateral movement via RDP, and the deployment of custom wipers like the BiBi wiper. The group utilizes online personas like ‘Karma’ and ‘Homeland Justice’ to leak information and amplify the impact of their attacks.

Activities and Tactics

Country of Origin: 🇮🇷 Iran

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • Wiper

Attribution and Evidence

Country of Origin: Iran Additional attribution information pending cataloguing.

References

References pending cataloguing.