Notorious FIN7 crooks have new malicious code up their sleeves

Cybersecurity researchers have discovered two new tools used by a prolific hacking group known as FIN7, highlighting how, despite a law enforcement crackdown, the group appears to be thriving and making a lot of money in the process. The Eastern European hacking crew, which researchers say has stolen over $1 billion from victims in recent years, is using a new “dropper” to deliver its malicious code, as well as a payload that tampers with a remote IT administration tool, cybersecurity company FireEye said Thursday. Mandiant, FireEye’s incident response arm, discovered the new tools while responding to recent FIN7 hacks in the hospitality industry. It appears the attackers are going after their usual targets — payment card processors — to try to steal money. “We have multiple ongoing victims and felt that, especially within the security industry, [this was information] we needed to get out there” to raise awareness, said Regina […]

The post Notorious FIN7 crooks have new malicious code up their sleeves appeared first on CyberScoop.


Fin7 sysadmin pleads guilty to running IT for billion-dollar crime syndicate

Fedir Oleksiyovich Hladyr is the first member of the infamous cybercrime network to be found guilty of hacking-related crimes in a US court.

FIN7’s IT admin pleads guilty for role in billion-dollar cybercrime crew

An accused operator of the FIN7 hacking collective pleaded guilty on Wednesday to charges in connection with working as the administrator of the group that researchers have suggested stole more than $1 billion from victims worldwide. Fedir Hladyr, 34, appeared in a courtroom in the Western District of Washington to plead guilty to wire fraud and conspiracy to commit computer hacking as part of a deal with prosecutors that will result in a prison sentence of no more than 25 years, according to his defense attorney. Hladyr was arrested in Dresden, Germany in January 2018 and accused of working as an administrator for the FIN7 group who maintained servers and delegated responsibilities throughout the international hacking crew, among other duties. He is the first member of the group to be found guilty of hacking-related crimes in U.S. court. The case marks a significant win for the Department of Justice, which […]

The post FIN7’s IT admin pleads guilty for role in billion-dollar cybercrime crew appeared first on CyberScoop.


Financial hacking teams FIN7, Cobalt Group update tactics to haunt banks and retail

It’s starting to look like the global private sector might have a real problem on its hands. Despite international media attention and a series of high-profile arrests, some of the world’s most prolific cybercriminals only seem to be accelerating their hacking sprees. Financially motivated hacking groups including FIN7, Cobalt Group and the Contact Crew remain active, staying busy well into this year, according to Accenture Security’s 2019 Threatscape report. The cybercrime syndicates, which have haunted financial and retail companies since at least 2016, have spent the first half of 2019 updating their malicious software tools and expanding their reach. The findings are more bad news for international companies, which last year saw cyberattacks rank among the biggest risks for companies worldwide, according to the World Economic Forum. Now, if Accenture’s 102-page report is any indication, the world’s most capable hackers are only fine-tuning their techniques to carry out targeted intrusions. This comes […]

The post Financial hacking teams FIN7, Cobalt Group update tactics to haunt banks and retail appeared first on CyberScoop.


‘We have to hit the problem the way it hits us’: How the FBI tracks a range of hacking threats

FBI Director Christopher Wray has been clear to Congress: cyberthreats are outpacing the FBI’s capacity to track them, and the bureau needs more money and people to catch up. Boosting the FBI’s roster of cybersecurity talent, rather than playing whack-a-mole with an expanding docket of threats, is of the essence. “[The cyber] threat has grown exponentially in terms of actors, methods, targets, and so we need personnel and tools there in a big, big way,” Wray told Senate appropriators in May. In fiscal 2020, the FBI is asking Congress for $70.5 million more in funding compared with the prior year for cybersecurity programs, and for 33 more personnel dedicated to the issue. Any new hires would be stepping into an agency that has transformed its approach to cyberspace in the last several years. The FBI has had to get more out of its cybersecurity personnel as the types of malware, and the number of actors willing […]

The post ‘We have to hit the problem the way it hits us’: How the FBI tracks a range of hacking threats appeared first on CyberScoop.


FIN8 tries to breach U.S. hotel with new malware variant, researchers say

A well-known criminal hacking group tried to breach the computer network of a U.S. hotel using a variant of malware the group had last deployed in 2017, according to research from endpoint security firm Morphisec. FIN8, as the financially-driven group is known, made several upgrades to its ShellTea malware, aiming it at the network of the hotel between March and May, according to Morphisec. Researchers believe it was an attempted attack on a point-of-sale (POS) system, or one that processes payment card data. The intrusion attempt was blocked. In a blog post published Monday, Morphisec warned of the vulnerability of POS networks to groups like FIN8. “Many POS networks are running on the POS version of Windows 7, making them more susceptible to vulnerabilities,” wrote Morphisec CTO Michael Gorelik. “The techniques implemented can easily evade standard POS defenses.” The research did not identify the hotel by name or specify its location, […]

The post FIN8 tries to breach U.S. hotel with new malware variant, researchers say appeared first on CyberScoop.


Bank heist with FIN7 traits went down while leaders were on the run, research suggests

Digital thieves who spent more than two months lurking inside the networks of an Eastern European bank last year used the same techniques as the infamous cybercriminal gang known as FIN7 or Carbanak, according to new research. Romanian security vendor Bitdefender said Tuesday its researchers have uncovered new details about a bank heist in which hackers patiently collected employee credentials and other data meant to help them access banking data and control ATM networks. These findings coincide with previous researchers’ suggestion that FIN7 is a relatively large group made of perhaps a dozen individuals who have been able to weather law enforcement pressure while updating their hacking tactics. The 2018 breach at the bank, which Bitdefender declined to identify, occurred as international authorities were taking action against alleged members of FIN7, an organized crime group that threat intelligence researchers say may have stolen $1 billion. The group carried out the attack detailed in […]

The post Bank heist with FIN7 traits went down while leaders were on the run, research suggests appeared first on CyberScoop.


Alleged FIN7 hacking director Andrii Kolpakov set to be extradited to the U.S.

One of three men who allegedly helped lead the FIN7 hacking group, which the U.S. Department of Justice says is behind the theft of 15 million payment card numbers, is scheduled to be extradited to the U.S., CyberScoop has learned. Andrii Kolpakov will plead not guilty when he arrives in court from Spain to face charges in U.S. District Court for the Western District of Washington, according to his attorney, Vadim Glozman, who took over the case in April. Glozman said the timing of the extradition is unclear, but another source familiar with the matter said it will be “in the coming weeks.” Spanish police arrested Kolpakov in June 2018 at the behest of U.S. authorities. The Ukrainian national, who was 30 when he was taken into custody, faces 26 criminal counts in the U.S., including aggravated identity theft, intentional damage to a protected computer and wire fraud, according to a U.S. […]

The post Alleged FIN7 hacking director Andrii Kolpakov set to be extradited to the U.S. appeared first on CyberScoop.
