FIN8 Resurfaces with Revamped Backdoor Malware
2021-03-11 16:05

FIN8 is a financially motivated threat group whose typical mode of attack has been to steal payment-card data from point-of-sale environments, particularly those of retailers, restaurants and the hotel industry.

Bitdefender has recently identified specific attacks on seven targets during its monitoring of the command-center infrastructure used in previous FIN8 attacks.

BadHatch is a custom FIN8 malware that was also used in the 2019 attacks.

The latest BadHatch version also allows file downloads, which could pave the way for different kinds of attacks in the future, beyond harvesting credit-card data.

"BadHatch has always been correlated with POS attacks, but it has extended backdoor capabilities that let operators perform lateral movement and also has the ability to download additional payloads from specified locations," Botezatu said.

According to the researcher, the latest activity indicates that wider attacks should be expected soon.


News URL

https://threatpost.com/fin8-resurfaces-backdoor-malware/164684/