The Stark Truth Behind the Resurgence of Russia’s Fin7

The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia. Continue reading The Stark Truth Behind the Resurgence of Russia’s Fin7

Alleged FIN7 scammer Denys Iarmak is set to plead guilty

An alleged member of the FIN7 hacking group is set to plead guilty, admitting to a role in a criminal organization that used front companies and array of fraud techniques to steal more than $1 billion from victims worldwide, CyberScoop has learned. Attorneys for Denys Iarmak, a Ukrainian national, have notified a federal court in Washington state that Iarmak intends to change his plea after he declared himself not guilty at a May 2020 arraignment hearing. While one defense counselor said Iarmak could change his mind before his next hearing, scheduled for Nov. 22, attorneys have agreed in principle to a plea deal with the U.S. Department of Justice. “That’s what’s most likely,” said defense attorney Michael Craig Nance, who is representing Iarmak in the Western District of Washington. “It’s not final until a person stands in court and says they’re guilty.” Iarmk was initially charged with a range of […]

The post Alleged FIN7 scammer Denys Iarmak is set to plead guilty appeared first on CyberScoop.

Continue reading Alleged FIN7 scammer Denys Iarmak is set to plead guilty

Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic

Professional hackers who already try to hide their activity through an array of technical means now seem to be trying on more corporate disguises, by creating front companies or working as government contractors to boost their legitimacy. U.S. law enforcement in September accused hackers based in Iran and China of conducting global espionage operations while appearing to exist as otherwise innocuous technology firms. While the public nature of the charges are proof the efforts weren’t entirely successful, the tactic marks an evolution of the use of dummy corporations since a group of financial scammers stole a reported $1 billion by posing as a cybersecurity testing firm. “It just makes it harder to figure out who’s doing what, and what are their motivations,” John Demers, the U.S. assistant attorney general for national security, said of the apparent motivation in a recent interview. “For a company that’s suffered a breach, it may […]

The post Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic appeared first on CyberScoop.

Continue reading Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic

Fin7 sysadmin pleads guilty to running IT for billion-dollar crime syndicate

Fedir Oleksiyovich Hladyr is the first member of the infamous cybercrime network to be found guilty of hacking-related crimes in a US court. Continue reading Fin7 sysadmin pleads guilty to running IT for billion-dollar crime syndicate

Fin7 and the Perfect Phish

For the past twenty years, one of the main pieces of advice our industry gave to people regarding their email was “don’t open attachments from people you don’t know.”  But what if your JOB is opening attachments from people you don’t know?
On Augu… Continue reading Fin7 and the Perfect Phish