"Iranian Agonizing Serpens APT Is Targeting Israeli Entities With Destructive Cyberattacks"
Since January 2023, the Iran-linked Agonizing Serpens group, also known as Agrius, BlackShadow, Pink Sandstorm, and DEV-0022, has been launching destructive cyberattacks against Israeli organizations in the higher education and technology sectors. According to Palo Alto Networks' Unit 42 researchers, the threat actors first try to steal sensitive data such as Personally Identifiable Information (PII) and Intellectual Property (IP) and then use various wipers to cover their tracks. The researchers observed the use of previously unknown wipers named MultiLayer, PartialWasher, and Sqlextractor. This article continues to discuss findings regarding the Agonizing Serpens group.
Submitted by grigby1
Submitted by grigby1 CPVI
on