Names | Apostle
Category | Malware
Type | Wiper, Ransomware
Description | (SentinelLabs) One of the wipers used in the attack, dubbed ‘Apostle’, was later turned into a fully functional ransomware, replacing its wiper functionalities. The message inside it suggests it was used to target a critical, nation-owned facility in the United Arab Emirates. The similarity to its wiper version, as well as the nature of the target in the context of regional disputes, leads us to believe that the operators behind it are utilizing ransomware for its disruptive capabilities.
Information | <https://assets.sentinelone.com/sentinellabs/evol-agrius> <https://www.sentinelone.com/labs/new-version-of-apostle-ransomware-reemerges-in-targeted-attack-on-higher-education/> <https://www.sentinelone.com/wp-content/uploads/2021/05/SentinelLabs_From-Wiper-to-Ransomware-The-Evolution-of-Agrius.pdf> <https://cyberpunkleigh.wordpress.com/2021/05/27/apostle-ransomware-analysis/>
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.apostle>
Last change to this tool card: 28 December 2021
Changed | Name | Country | Observed
APT groups | | |
 | Agrius | | 2020-May 2023
1 group listed (1 APT, 0 other, 0 unknown)