News broke that the Agrius APT hacking group used a new 'Fantasy' data wiper in supply-chain attacks impacting organizations in Israel, Hong Kong, and South Africa.
The ‘Fantasy’ data wiper was deployed by an Israeli software developer and does not attempt to masquerade as ransomware but instead goes right to work wiping data. Victims include Israeli HR firms, IT consulting companies, and a diamond wholesaler; a South African organization working in the diamond industry; and a jeweler in Hong Kong. Anand Revashetti, CTO and Co-Founder Lineaje shared insights on the threat and how organizations can defend themselves from similar threats.
“The ‘Fantasy’ data wiper that was deployed by an Israeli software developer is just the latest example of why CISO’s need to make software supply chain security a top priority in the upcoming year. Gartner has already predicted that by 2025, 45% of organizations worldwide will experience attacks on their software supply chains, which is a three-fold increase from 2021. To combat it, organizations need to know what’s in their software to not only discover risks, but to be more proactive in mediating the threats they impose. That is why it’s critical to have solutions that help consumers analyze software supply chain and avoid deployment of unknown and malicious components hidden in legitimate software.”