An earlier cyberattack on an Israeli software developer is being used by the Agrius advanced persistent threat (APT) group to launch wiper attacks against various organizations in the diamond industry.
Although Agrius and its attack against Israeli IT and HR companies last February were previously known, the use of the “Fantasy” wiper in attacks is new, according to researchers at ESET.
Fantasy is a modified iteration of the Apostle malware, the group said. But whereas its predecessor Apostle masqueraded as ransomware, Fantasy dispenses with the charade and moves straight to destroying data.
So far, ESET reported, Fantasy victims have been found in Hong Kong, Israel, and South Africa.
“Agrius is a more recent Iran-aligned group focusing on victims in Israel and the United Arab Emirates since 2020,” ESET researchers explained. “Agrius exploits known vulnerabilities in internet-facing applications to install webshells, then conducts internal reconnaissance before moving laterally and then deploying its malicious payloads.”