New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education

Amitai Ben Shushan Ehrlick reports:

SentinelLabs has been tracking the activity of Agrius, a suspected Iranian threat actor operating in the Middle East, throughout 2020 and 2021 following a set of destructive attacks starting December 2020. Since we last reported on this threat actor in May 2020, Agrius lowered its profile and was not observed conducting destructive activity. This changed recently as the threat actor likely initiated a ransomware attack on the Israeli university Bar-Ilan utilizing the group’s custom Apostle ransomware.

Read more details and analysis on Sentinel Labs.  In early September, some of the data from the attack was made public, but was subsequently removed from the file-sharing site.

About the author: Dissent

Comments are closed.