Names | Agrius (SentinelLabs) DEV-0227 (Microsoft) | |
Country | ![]() | |
Motivation | Information theft and espionage, Sabotage and destruction | |
First seen | 2020 | |
Description | (SentinelLabs) A new threat actor SentinelLabs track as Agrius was observed operating in Israel beginning in 2020. An analysis of what at first sight appeared to be a ransomware attack revealed new variants of wipers that were deployed in a set of destructive attacks against Israeli targets. The operators behind the attacks intentionally masked their activity as ransomware attacks. | |
Observed | Countries: Israel. | |
Tools used | Apostle, ASPXSpy, DEADWOOD, IPsec Helper. | |
Information | <https://assets.sentinelone.com/sentinellabs/evol-agrius> |
Last change to this card: 03 February 2022
Digital Service Security Center Follow us on![]() ![]() |
Report incidents |
|
![]() |
+66 (0)2-123-1227 | |
![]() |
[email protected] |