“Pen tester” who helped FIN7 gang cause $1 billion damage, sentenced to five years behind bars

A Ukrainian man has been sentenced to five years in prison by a US court for his involvement in the notorious criminal hacking group, FIN7.

Read more in my article on the Hot for Security blog. Continue reading “Pen tester” who helped FIN7 gang cause $1 billion damage, sentenced to five years behind bars

FIN7 hacking gang’s “pen tester” jailed for seven years by US court

The Western District of Washington has sentenced a Ukrainian man to seven years in prison for his role in a hacking gang that is estimated to have caused more than one billion dollars worth of damage.

Read more in my article on the Hot for Security … Continue reading FIN7 hacking gang’s “pen tester” jailed for seven years by US court

MITRE ATT&CK: Cybereason Dominates the Competition

The long-awaited 2020 MITRE ATT&CK evaluations are out! With the MITRE ATT&CK framework now being the standard by which Defenders can measure the effectiveness of various solutions in tracking adversary behavior, cyber vendors are cherry-p… Continue reading MITRE ATT&CK: Cybereason Dominates the Competition

Bank heist with FIN7 traits went down while leaders were on the run, research suggests

Digital thieves who spent more than two months lurking inside the networks of an Eastern European bank last year used the same techniques as the infamous cybercriminal gang known as FIN7 or Carbanak, according to new research. Romanian security vendor Bitdefender said Tuesday its researchers have uncovered new details about a bank heist in which hackers patiently collected employee credentials and other data meant to help them access banking data and control ATM networks. These findings coincide with previous researchers’ suggestion that FIN7 is a relatively large group made of perhaps a dozen individuals who have been able to weather law enforcement pressure while updating their hacking tactics. The 2018 breach at the bank, which Bitdefender declined to identify, occurred as international authorities were taking action against alleged members of FIN7, an organized crime group that threat intelligence researchers may have stolen $1 billion. The group carried out the attack detailed in […]

The post Bank heist with FIN7 traits went down while leaders were on the run, research suggests appeared first on CyberScoop.

Continue reading Bank heist with FIN7 traits went down while leaders were on the run, research suggests

An APT Blueprint: Gaining New Visibility into Financial Threats

This new Bitdefender forensic investigation reveals a complete attack timeline and behavior of a notorious financial cybercriminal group, known as Carbanak. In mid-2018, Bitdefender researchers investigated a targeted attack on an Eastern European fina… Continue reading An APT Blueprint: Gaining New Visibility into Financial Threats

Alleged FIN7 hacking director Andrii Kolpakov set to be extradited to the U.S.

One of three men who allegedly helped lead the FIN7 hacking group, which the U.S. Department of Justice says is behind the theft of 15 million payment card numbers, is scheduled to be extradited to the U.S., CyberScoop has learned. Andrii Kolpakov, will plead not guilty when he arrives in court from Spain to face charges in U.S. District Court for the Western District of Washington, according to his attorney, Vadim Glozman, who took over the case in April. Glozman said the timing of the extradition is unclear, but another source familiar with the matter said it will be “in the coming weeks.” Spanish police arrested Koplakov in June 2018 at the behest of U.S. authorities. The Ukrainian national, who was 30 when he was taken into custody, faces 26 criminal counts in the U.S., including aggravated identity theft, intentional damage to a protected computer and wire fraud, according to a U.S. […]

The post Alleged FIN7 hacking director Andrii Kolpakov set to be extradited to the U.S. appeared first on CyberScoop.

Continue reading Alleged FIN7 hacking director Andrii Kolpakov set to be extradited to the U.S.

New FIN7 hacking tools uncovered months after three suspects were arrested

More than six months after U.S. prosecutors announced the arrests of three accused hackers affiliated with a sophisticated criminal hacking group, researchers say they have new evidence the billion-dollar crime ring is still active. The Department of Justice last year said police apprehended three Ukrainian men involved in the FIN7 hacking group. The financially-motivated group may have stolen as much as one billion dollars, according to one estimate, as well as 15 million credit card numbers from U.S. businesses. Now, there is some evidence to suggest the group’s infrastructure is starting to reappear after months, according to research published Wednesday by Flashpoint. Researchers uncovered a new strain of malicious software called SQLRat, which is spread via phishing emails. The strain is especially difficult for investigators to detect because it doesn’t leave behind much evidence. “The use of SQL scripts is ingenious in that [attackers] don’t leave artifacts behind the way traditional […]

The post New FIN7 hacking tools uncovered months after three suspects were arrested appeared first on CyberScoop.

Continue reading New FIN7 hacking tools uncovered months after three suspects were arrested

Cyberthreats to financial institutions 2019: overview and predictions

The past year has been extremely eventful in terms of the digital threats faced by financial institutions: cybercrime groups have used new infiltration techniques, and the geography of attacks has become more extensive. Continue reading Cyberthreats to financial institutions 2019: overview and predictions