{"id":10413,"date":"2025-10-08T19:54:16","date_gmt":"2025-10-08T19:54:16","guid":{"rendered":"http:\/\/localhost\/cyber-operations\/agrius\/"},"modified":"2025-10-08T19:54:16","modified_gmt":"2025-10-08T19:54:16","slug":"agrius","status":"publish","type":"post","link":"https:\/\/www.cfr.org\/cyber-operations\/agrius","title":{"rendered":"Agrius"},"content":{"rendered":"<p>Agrius is an Iranian threat actor which has consistently been observed targeting Israeli networks. The group has frequently deployed wipers disguised as ransomware on networks, with the goal of destroying data and disrupting operations. Also known as BlackShadow, Americium, Pink Sandstorm, and DEV-0227.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Agrius is an Iranian threat actor which has consistently been observed targeting Israeli networks. The group has frequently deployed wipers disguised as ransomware on networks, with the goal of destroying data and disrupting operations. Also known as BlackShadow, Americium, Pink Sandstorm, and DEV-0227.<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_cloudinary_featured_overwrite":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2],"tags":[],"cyber_operation":[],"state_sponsor":[76],"victim_category":[],"victim_government_response":[186],"victim":[80],"class_list":["post-10413","post","type-post","status-publish","format-standard","hentry","category-incident","state_sponsor-iran-islamic-republic-of","victim_government_response-unknown","victim-israel"],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/comments?post=10413"}],"version-history":[{"count":0,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/posts\/10413\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/media?parent=10413"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/categories?post=10413"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/tags?post=10413"},{"taxonomy":"cyber_operation","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/cyber_operation?post=10413"},{"taxonomy":"state_sponsor","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/state_sponsor?post=10413"},{"taxonomy":"victim_category","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_category?post=10413"},{"taxonomy":"victim_government_response","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim_government_response?post=10413"},{"taxonomy":"victim","embeddable":true,"href":"https:\/\/www.cfr.org\/cyber-operations\/wp-json\/wp\/v2\/victim?post=10413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}