Apostle Malware Evolves from Wiper to Ransomware


The Apostle Malware is an interesting threat that was first spotted on the compromised networks of Israeli users and companies. The strange threat appears to have been designed to work as a disk wiper, but because of bugs in its code, it was not able to carry out its attack completely. Researchers who identified and dissected the threat report that its authors refer to it as 'wiper-action', another hint that the original purpose of the malware was to wipe the victim's disk. While the first samples of the Apostle Malware failed to do their job because of bugs, those bugs appear to be fixed in recent updates of the payload. However, the 'fixes' that the criminals applied also changed Apostle's functionality: it is now a fully fledged ransomware threat, which demands money from its victims.

The development and propagation of the Apostle Malware is attributed to the Agrius Advanced Persistent Threat (APT) group, an emerging cybercrime organization believed to have ties to the Iranian government. This piece of information does not come as a surprise considering that Agrius' primary targets are situated in Israel. 

Iran-affiliated hacking groups seem to have an affinity for disk wipers, and they have been using them since at least 2012. One of the most infamous disk wipers to be employed by Iranian hackers is Shamoon.

We have yet to see what future updates of the Apostle Malware will introduce; it would not be a surprise if the Agrius criminals decide to switch up their strategy again. For now, one thing is for sure: Israel is their primary target, and they do not seem to express interest in other regions.

May 26, 2021