Iran-Linked Agrius APT Group Targets Israeli Education, Tech Sectors

  /     /     /  
Publicated : 23/11/2024   Category : security

Iran-Linked Agrius APT Group Targets Israeli Education, Tech Sectors


The attackers also use custom wipers to cover their tracks and bypass EDR.


A series of attacks has targeted the Israeli higher education and technology sectors throughout this year, stealing personal information and disabling endpoints.
Research by Palo Alto Networks Unit 42
found the attackers
— which it identified as the advanced persistent threat (APT) Agonizing Serpens (aka 
Agrius
, BlackShadow, Pink Sandstorm, and DEV-0022), linked to Iran — were able to exploit Internet-facing Web servers, and deploy multiple Web shells into their targets in order to get a foothold in a network.
Typical attacks from Agonizing Serpens involve stealing sensitive information that includes PII and intellectual property, which is then published on social media or Telegram channels to sow fear or inflict reputational damage. In the recent string of Israeli attacks, the group stole ID numbers, passport scans, and email and postal addresses.
The researchers from Unit 42 did not specifically name any of the targets, but confirmed that only Israeli organizations were affected by the attacks.
The attackers also use
custom wipers
to render endpoints unusable and to cover their tracks. This tactic
was first detected
in attacks conducted in 2021; it has resurfaced as the attackers place an emphasis on stealth and evasive techniques to bypass security solutions such as endpoint detection and response (EDR).

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Iran-Linked Agrius APT Group Targets Israeli Education, Tech Sectors