The Hacker News
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
May 11^th 2024 at 07:29

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT

By: Newsroom

The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall

The Hacker News
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
April 18^th 2024 at 13:58

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

By: Newsroom

The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). "FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights," the BlackBerry research and intelligence team said in a new write-up. "They

The Hacker News
Carbanak Banking Malware Resurfaces with New Ransomware Tactics
December 26^th 2023 at 07:26

Carbanak Banking Malware Resurfaces with New Ransomware Tactics

By: Newsroom

The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. "Carbanak returned last month through new

The Hacker News
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks
May 20^th 2023 at 06:49

Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks

By: Ravie Lakshmanan

The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria Tempest. "In these recent attacks, Sangria Tempest uses the PowerShell script POWERTRASH to load

🏷️ My labels
- ❌
Article tags
May 20^th 2023 at 06:49

The Hacker News
FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks
April 17^th 2023 at 13:50

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks

By: Ravie Lakshmanan

A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino, is primarily designed to facilitate follow-on exploitation on compromised systems, including delivering a lesser-known information stealer that

🏷️ My labels
- ❌
Article tags
April 17^th 2023 at 13:50

FreshRSS

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

Carbanak Banking Malware Resurfaces with New Ransomware Tactics

Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks