An Iranian hacking group has been observed camouflaging destructive attacks against Israeli targets as ransomware attacks while maintaining access to victims’ networks for months in what looks like an extensive espionage campaign.
The threat actor, tracked as Agrius by SentinelLabs researchers, has targeted Israel starting with December 2020.
“Initially engaged in espionage activity, Agrius deployed a set of destructive wiper attacks against Israeli targets, masquerading the activity as ransomware attacks,” said Amitai Ben Shushan Ehrlich, Threat Intelligence Researcher at SentinelOne.
Read more…
Source: Bleeping Computer