Cyber Resilience

Threat actor · all actors

WindshiftG0112 unknown

aka Windshift, Bahamut

Last updated: 2026-07-03

0attributed CVEs
24ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[Windshift](https://attack.mitre.org/groups/G0112) is a threat group that has been active since at least 2017, targeting specific individuals for surveillance in government departments and critical infrastructure across the Middle East.(Citation: SANS Windshift August 2018)(Citation: objective-see windtail1 dec 2018)(Citation: objective-see windtail2 jan 2019)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-417 / 2471%
CM-216 / 2467%
CM-616 / 2467%
SI-316 / 2467%
CA-714 / 2458%
AC-411 / 2446%
CM-711 / 2446%
SC-711 / 2446%
SI-210 / 2442%
SI-79 / 2438%
SC-447 / 2429%
SI-87 / 2429%
AC-66 / 2425%
IA-96 / 2425%
AC-25 / 2421%

Co-occurring actors

None.

Similar actors

Similar TTPs