Void Manticore Destructive Activities in Israel
May 21, 2024, 4:07 p.m.
Description
This analysis details the destructive operations carried out by the Iranian threat actor Void Manticore, also known as Storm-842, against Israeli organizations. The group utilizes various techniques, including custom wipers for Windows and Linux, manual file deletion, and partition table corruption. Their activities involve leaking exfiltrated data through online personas like 'Karma' and are characterized by politically charged messaging, such as naming their wipers after Israeli Prime Minister Benjamin Netanyahu. Void Manticore's operations exhibit coordination with another Iranian actor, Scarred Manticore (Storm-861), suggesting target handoffs between the two groups.
Tags
Date
- Created: May 20, 2024, 4:35 p.m.
- Published: May 20, 2024, 4:35 p.m.
- Modified: May 21, 2024, 4:07 p.m.
Additional Informations
- Albania
- Israel