FIN7 Capitalizes on Windows 11 Release in Latest Gambit
2021-09-03 16:07

The FIN7 financial cybercrime gang is back, delivering JavaScript backdoors using Word documents themed around the next version of Windows.

That's according to researchers at Anomali, who observed a recent campaign from the group that leveraged six different docs, all referencing "Windows 11 Alpha" - the "Insider Preview" version of the upcoming Windows 11 operating system from Microsoft.

Windows 11 Alpha was released to the computing giant's developer channels in late June, and it generated buzz among the technorati for offering a glimpse of the planned upgrades that Windows users can look forward to when Windows 11 rolls out this fall.

The infection chain begins with a Microsoft Word document featuring a decoy image, telling readers that it was made with Windows 11 Alpha.

The group has caught the eye of the U.S. Justice Department, which credits FIN7 with the theft of more than 15 million payment-card records and $1 billion in global losses.

"Despite high-profile arrests and sentencing, including alleged higher-ranking members, the group continues to be as active as ever. U.S. prosecutors believe the group numbers around 70 individuals, meaning the group can likely accommodate these losses as other individuals will step in."


News URL

https://threatpost.com/fin7-windows-11-release/169206/