An earlier cyberattack on an Israeli software developer is being used by the Agrius advanced persistent threat (APT) group to launch wiper attacks against various organizations in the diamond industry.
Though Agrius and its attack against Israeli IT and HR companies last February were previously known, the use of the “Fantasy” wiper in attacks is new, according to researchers at ESET.
Fantasy is a modified iteration of the Apostle malware, the team said. But while its predecessor Apostle masqueraded as ransomware, Fantasy dispenses with the charade and moves directly to destroying files.
So far, ESET reported, Fantasy victims have been found in Hong Kong, Israel, and South Africa.
“Agrius is a newer Iran-aligned group targeting victims in Israel and the United Arab Emirates since 2020,” ESET researchers explained. “Agrius exploits known vulnerabilities in internet-facing applications to install webshells, then conducts internal reconnaissance before moving laterally and then deploying its malicious payloads.”