APT / THREAT GROUP
Scarred Manticore
🇮🇷Iran-attributed
1
campaigns
1
aliases
Last seen:Mar 17, 2026
Intelligence Profile
Scarred Manticore has been pursuing high-value targets for years, utilizing a variety of IIS-based backdoors to attack Windows servers. These include a variety of custom web shells, custom DLL backdoors, and driver-based implants.
Threat Analysis
Scarred Manticore is a known-sophistication threat actor attributed to Iran, engaged in cyber operations with a primary motivation of unknown activity patterns.
Known Campaigns
Scarred Manticore — Active Operations March 2026
Scarred Manticore is a unknown-motivation threat actor attributed to Iran. Scarred Manticore has been pursuing high-value targets for years, utilizing a variety of IIS-based backdoors to attack Windows servers. These include a variety of custom web shells, custom DLL backdoors, and driver-based implants....
ACTIVEMEDIUM2026
External References
Quick Facts
TypeAPT / Threat Group
Origin🇮🇷 Iran
Aliases1
SourceMalpedia
Also Known As
Scarred Manticore
Research Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.