ProjectSauron is a highly sophisticated cyber-espionage platform attributed to a nation-state actor that was active from at least June 2011 until April 2016. Publicly discovered in 2016, the group is primarily motivated by long-term intelligence gathering, specifically targeting governmental organizations and critical infrastructure to steal encryption keys and sensitive communications data. What distinguishes ProjectSauron is its unique operational approach, where all malware components and infrastructure are custom-built and distinct for each target, rendering traditional indicators of compromise largely ineffective. The group also possesses a notable capability to exfiltrate data from air-gapped networks through specially prepared USB storage drives. The actor operates under aliases such as Remsec and Strider.