Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic

Professional hackers who already try to hide their activity through an array of technical means now seem to be trying on more corporate disguises, by creating front companies or working as government contractors to boost their legitimacy. U.S. law enforcement in September accused hackers based in Iran and China of conducting global espionage operations while appearing to exist as otherwise innocuous technology firms. While the public nature of the charges is proof the efforts weren’t entirely successful, the tactic marks an evolution of the use of dummy corporations since a group of financial scammers stole a reported $1 billion by posing as a cybersecurity testing firm. “It just makes it harder to figure out who’s doing what, and what are their motivations,” John Demers, the U.S. assistant attorney general for national security, said of the apparent motivation in a recent interview. “For a company that’s suffered a breach, it may […]

The post Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic appeared first on CyberScoop.


Hushpuppi and Mr.Woodbery, BEC scammers: Welcome to Chicago!

There are quite a few West African scammers who try to explain away their wealth by claiming they are a “bitcoin entrepreneur” or “real estate investor” when in fact they conduct Business Email Compromise scams against American companies, and Romance S…

FBI Officials Arrest Another Alleged FIN7 Gang Member

According to newly released court documents, Ukrainian national Denys Iarmak has been arrested for alleged involvement in the malicious cyber campaigns run by the infamous hacking group FIN7. Among others, Iarmak has been charged with conspiracy to com…

Federal officials have arrested another accused FIN7 hacker

A Ukrainian national was arrested last week in Seattle for his alleged involvement in hacking operations run by FIN7, a syndicate known for stealing approximately $1 billion from its victims in the United States. According to court documents obtained by CyberScoop, Denys Iarmak has been charged with conspiracy to commit computer hacking, accessing a protected computer to commit fraud, intentional damage to a protected computer, access device fraud, conspiracy to commit wire and bank fraud, wire fraud, and aggravated identity theft. The arrest is a significant move against financially motivated FIN7, which has targeted the hospitality and gaming industries in the last several years. FIN7 has gone after restaurants including Chipotle, Red Robin, Taco John, as well as a credit union and a casino. According to the court documents, Iarmak was part of a scheme where operators allegedly ran spearphishing campaigns to gain unauthorized access to victim computers, deploy malware, conduct […]

The post Federal officials have arrested another accused FIN7 hacker appeared first on CyberScoop.


Hackers sending malware infected USBs with Best Buy Gift Cards

By Waqas
Researchers maintain that this USB drive is an Arduino microcontroller ATMEGA32U4 and is infected with GRIFFON malware.
This is a post from HackRead.com. Read the original post: Hackers sending malware infected USBs with Best Buy Gift Cards

Malware from notorious FIN7 group is being delivered by snail mail

While hackers all over the world rely on emails and text messages to breach networks, one infamous criminal group appears to be turning to the mailman to deliver their malicious code. Malware authored by FIN7, which researchers say has stolen over $1 billion in recent years, has been delivered by the U.S. Postal Service to multiple organizations in recent months, according to security company FireEye. The code comes on USB sticks that, once inserted into a computer, install a “backdoor,” called Griffon, capable of stealing sensitive information. The malicious code, which multiple security companies have attributed to FIN7, burrows into the target computer and beacons back to the group for further instructions. How many of the USB deliveries led to network breaches remains unclear. The hacking attempts raise questions about how a group thought to be based in Eastern Europe, and one that U.S. officials have hunted for years, has been […]

The post Malware from notorious FIN7 group is being delivered by snail mail appeared first on CyberScoop.


Can software vendors block a notorious criminal group’s attacks? MITRE wants to find out

The Eastern European hacking group FIN7 has stolen an estimated $1 billion in recent years by sweeping up payment card data processed by hotels and other organizations. The fortune amassed by FIN7, despite the arrest of some of its senior members, has made it one of the most potent criminal threats to organizations around the world. Changes the group has made to its hacking tools in recent months have meant more breaches, and likely more money, for FIN7. Now, a U.S. government-funded organization is trying to put a dent in FIN7 hacks by evaluating the group’s attack techniques against widely used cybersecurity software. Vendors will be assessed on their ability to block FIN7-like intrusions and, with the results made public next year, hopefully improve their products. While FIN7 is the subject of the evaluation, the attack techniques tested will “be applicable across a broad spectrum of adversaries,” said Frank Duff, […]

The post Can software vendors block a notorious criminal group’s attacks? MITRE wants to find out appeared first on CyberScoop.


Notorious FIN7 crooks have new malicious code up their sleeves

Cybersecurity researchers have discovered two new tools used by a prolific hacking group known as FIN7, highlighting how, despite a law enforcement crackdown, the group appears to be thriving and making a lot of money in the process. The Eastern European hacking crew, which researchers say has stolen over $1 billion from victims in recent years, is using a new “dropper” to deliver its malicious code, as well as a payload that tampers with a remote IT administration tool, cybersecurity company FireEye said Thursday. Mandiant, FireEye’s incident response arm, discovered the new tools while responding to recent FIN7 hacks in the hospitality industry. It appears the attackers are going after their usual targets — payment card processors — to try to steal money. “We have multiple ongoing victims and felt that, especially within the security industry, [this was information] we needed to get out there” to raise awareness, said Regina […]

The post Notorious FIN7 crooks have new malicious code up their sleeves appeared first on CyberScoop.
