Money Ransomware Group Enters Double-Extortion Fray

Ransomware group uses API calls to spread throughout shared network resources, researchers say.

An emerging threat group dubbed Money Ransomware has adopted the increasingly popular tactic of encrypting and exfiltrating sensitive data from organizations and threatening to leak it if the victim refuses to pay.
Cybersecurity researchers at Yoroi recently published Money Ransomwares indicators of compromise and the results of their investigation into the groups first two victims, one of which was the Bangladesh Airport, the researchers said.
Besides the groups nascent
double-extortion ransomware
activities, its malware abuses the Windows API function WNetAddConnection2W to establish a connection with other network assets and spread.
This poses a significant concern for organizations, as a single infected system can rapidly result in extensive damage and data loss, Yorois
report on Money Ransomware
said. To mitigate this risk, it is vital for organizations to adopt a proactive approach to network security. This includes regularly patching and updating software, employing firewalls and other network security tools, and educating employees on how to recognize and avoid common phishing and social engineering attacks.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Money Ransomware Group Enters Double-Extortion Fray