← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Iranian Educated Manticore Targets Leading Tech Academics
WHITE Educated Manticore AlienVault 2025-06-26 Modified: 2025-07-26
129
IOCs
HIGH VOLUME
The Iranian threat group Educated Manticore, associated with the Islamic Revolutionary Guard Corps, has launched spear-phishing campaigns targeting Israeli journalists, cyber security experts and computer science professors. The attackers posed as fictitious assistants to technology executives or researchers, directing victims to fake Gmail login pages or Google Meet invitations. This allowed them to intercept passwords and 2FA codes, gaining unauthorized access to victims' accounts. The group used a custom phishing kit implemented as a Single Page Application built with React, supporting various Google authentication flows and enabling 2FA relay attacks. The infrastructure relied on over 130 unique domains resolving to multiple IP addresses. Despite increased exposure, Educated Manticore continues to pose a persistent threat, particularly to individuals in Israel during the Iran-Israel conflict escalation.
Educated ManticoreIranAPT42Charming Kitten
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
CharmPower - S0674 PowerLess - S1012
Indicators of Compromise (129)
All domain
TYPEINDICATORDESCRIPTIONCREATED
domain adams-cooling.online 2025-06-26
domain albert-company.online 2025-06-26
domain alex-mendez-fire.info 2025-06-26
domain alison624.online 2025-06-26
domain all-for-city.info 2025-06-26
domain alpha-man.info 2025-06-26
domain amg-car-ger.info 2025-06-26
domain anna-blog.info 2025-06-26
domain arizonaclub.me 2025-06-26
domain arrow-click.info 2025-06-26
domain backback.info 2025-06-26
domain becker624.online 2025-06-26
domain best85best.online 2025-06-26
domain bestshopu.online 2025-06-26
domain beta-man.info 2025-06-26
domain black-friday-store.online 2025-06-26
domain book-handwrite.online 2025-06-26
domain bracs-lion.online 2025-06-26
domain cc-newton.info 2025-06-26
domain city-splash.online 2025-06-26
domain clame-rade.online 2025-06-26
domain cloth-model.blog 2025-06-26
domain clothes-show.online 2025-06-26
domain conn-ectionor.cfd 2025-06-26
domain connect-room.online 2025-06-26
domain cook-tips.info 2025-06-26
domain course-math.info 2025-06-26
domain crysus-h.info 2025-06-26
domain crysus-p.info 2025-06-26
domain cyberlattice.pro 2025-06-26
domain dmn-for-car.online 2025-06-26
domain dmn-for-hall.online 2025-06-26
domain door-black-meter.online 2025-06-26
domain encryption-redirect.online 2025-06-26
domain est5090.online 2025-06-26
domain everything-here.info 2025-06-26
domain exir-juice.online 2025-06-26
domain expressmarket.online 2025-06-26
domain first-course.online 2025-06-26
domain food-tips-blog.online 2025-06-26
domain gallery-shop.online 2025-06-26
domain good-news.cfd 2025-06-26
domain good-news.fashion 2025-06-26
domain good-student.online 2025-06-26
domain goods-companies.online 2025-06-26
domain healthy-lifestyle.fit 2025-06-26
domain hrd-dmn.info 2025-06-26
domain human-fly900.online 2025-06-26
domain idea-home.online 2025-06-26
domain infinit-world.info 2025-06-26
domain lenan-rex.online 2025-06-26
domain lesson-first.info 2025-06-26
domain live-coaching.online 2025-06-26
domain live-conn.online 2025-06-26
domain live-content.online 2025-06-26
domain live-gml.online 2025-06-26
domain live-meet.blog 2025-06-26
domain live-meet.cfd 2025-06-26
domain live-meet.cloud 2025-06-26
domain live-meet.info 2025-06-26
domain live-meet.live 2025-06-26
domain live-message.online 2025-06-26
domain loads-ideas.online 2025-06-26
domain lynda-tricks.online 2025-06-26
domain make-house.online 2025-06-26
domain master-club.info 2025-06-26
domain meet-work.info 2025-06-26
domain message-live.online 2025-06-26
domain network-game.xyz 2025-06-26
domain network-review.xyz 2025-06-26
domain network-show-a.online 2025-06-26
domain network-show.online 2025-06-26
domain nice-goods.online 2025-06-26
domain normal-dmn.info 2025-06-26
domain nsim-pa.info 2025-06-26
domain nsim-ph.info 2025-06-26
domain ntp-clock-h.info 2025-06-26
domain ntp-clock-p.info 2025-06-26
domain online-room.online 2025-06-26
domain optio-nalynk.online 2025-06-26
domain pa-crtdomain.info 2025-06-26
domain panel-meeting.info 2025-06-26
domain panel-network.online 2025-06-26
domain panel-redirect.online 2025-06-26
domain ph-crtdomain.info 2025-06-26
domain ph-work.info 2025-06-26
domain platinum-cnt.info 2025-06-26
domain pnl-worth.online 2025-06-26
domain prj-pa.info 2025-06-26
domain prj-ph.info 2025-06-26
domain prt-max.online 2025-06-26
domain ptr-cc.online 2025-06-26
domain ques-tion-ing.xyz 2025-06-26
domain rap-art.info 2025-06-26
domain reading-course.online 2025-06-26
domain redirect-review.online 2025-06-26
domain reg-d.info 2025-06-26
domain ricardo-mell.online 2025-06-26
domain roland-cc.online 2025-06-26
domain royalsoul.online 2025-06-26
domain sendly-ink.shop 2025-06-26
domain shadow-network.best 2025-06-26
domain shaer-likn.store 2025-06-26
domain show-verify.xyz 2025-06-26
domain sky-writer.online 2025-06-26
domain socks.beauty 2025-06-26
domain spring-club.info 2025-06-26
domain stadium-fresh.online 2025-06-26
domain steve-brown.info 2025-06-26
domain storm-wave.online 2025-06-26
domain suite-moral.info 2025-06-26
domain teammate-live.online 2025-06-26
domain thomas-mark.xyz 2025-06-26
domain tomas-company.online 2025-06-26
domain top-game.online 2025-06-26
domain ude-final.online 2025-06-26
domain warning-d.info 2025-06-26
domain warplogic.pro 2025-06-26
domain wash-less.online 2025-06-26
domain wer-d.info 2025-06-26
domain white-car.online 2025-06-26
domain white-life-bl.info 2025-06-26
domain white-life.info 2025-06-26
domain wood-house.online 2025-06-26
domain word-course.online 2025-06-26
domain work-meeting.info 2025-06-26
domain world-shop.online 2025-06-26
domain yamal-group.online 2025-06-26
domain zra-roll.online 2025-06-26
References (1)
↗ https://research.checkpoint.com/2025/iranian-educated-manticore-targets-leading-tech-academics/