Security News > 2023 > May > Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware

The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli organizations.
Agrius, also known as Pink Sandstorm, has a track record of staging destructive data-wiping attacks aimed at Israel under the guise of ransomware infections.
Unlike Apostle, Moneybird is programmed in C++. "The use of a new ransomware, written in C++, is noteworthy, as it demonstrates the group's expanding capabilities and ongoing effort in developing new tools," Check Point researchers Marc Salinas Fernandez and Jiri Vinopal said.
"The use of a new ransomware demonstrates the actor's additional efforts to enhance capabilities, as well as hardening attribution and detection efforts," the researchers said.
Agrius is far from the only Iranian state-sponsored group to engage in cyber operations targeting Israel.
A report from Microsoft last month uncovered MuddyWater's collaboration with another cluster dubbed Storm-1084 to deploy the DarkBit ransomware.
News URL
https://thehackernews.com/2023/05/iranian-agrius-hackers-targeting.html
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)