top of page
Search

Fin7 Unveiled: A deep dive into notorious cybercrime gang

The highly active threat group FIN7 has been continuously broadening their cybercrime horizons and recently added ransomware to its attack arsenal. FIN7 group is known to hold a notorious status due to their achievement in deploying extensive backdoors in leveraging software supply chains, distributing malicious USB sticks, and cooperating with other groups. PTI team obtained visibility into the inner workings of the FIN7 threat group and managed to gain information about their organizational structures, identities, attack vectors, infrastructures, proof-supported affiliations with other ransomware groups (such as DarkSide, who were behind the Colonial Pipeline attack in 2021), victim targeting, and other relevant observations. All of the findings are supported by translated conversations among the members of FIN7, including screenshots of their infrastructures.



TAGS: Fin7, APT


ADVERSARY: FIN7


INDUSTRY: Finance


TARGETED COUNTRY: United States of America


ATT&CK IDS: T1190 - Exploit Public-Facing Application, T1078 - Valid Accounts, T1566.001 - Spearphishing Attachment, T1427 - Attack PC via USB Connection, T1020 - Automated Exfiltration, T1059.001 - PowerShell


Read More:


2 views

Comments


Commenting has been turned off.
bottom of page