Who is Pink Sandstorm?

Pink Sandstorm is a threat actor attributed to IR, also known as AMERICIUM, Agrius, BlackShadow. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Pink Sandstorm exploit?

Specific CVE exploitation data for Pink Sandstorm is being tracked. Check the Strobes VI threat actor profile for updates.

Pink Sandstorm

Also known as: AMERICIUM, Agrius, BlackShadow, SPECTRAL KITTEN, DEV-0022, UNC2428, Black Shadow, Agonizing Serpens

Exploited CVEs

Overview

Agonizing Serpens is an Iranian-linked APT group that has been active since 2020. They are known for their destructive wiper and fake-ransomware attacks, primarily targeting Israeli organizations in the education and technology sectors. The group has strong connections to Iran's Ministry of Intelligence and Security and has been observed using various tools and techniques to bypass security measures. They aim to steal sensitive information, including PII and intellectual property, and inflict damage by wiping endpoints.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions