Security News > 2021 > October > Hacking gang creates fake firm to hire pentesters for ransomware attacks
The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting.
Ransomware has become a profitable field for cybercriminals, and the group, which has previous experience with fake front companies like "Combi Security", set up a new firm to lure legitimate IT specialists.
Based on the job requirements, the researchers believe that the hacking group was looking to hire pentesters, as system administrators would also have the ability to map compromised corporate systems, perform network reconnaissance, and locate backup servers and files.
All of these skills are required for pre-encryption stages of ransomware attacks, so it appears that this is what FIN7 is going after through these hiring rounds.
Another piece of evidence is that the software was purportedly licensed to "CheckPoint Software Inc", the renowned Israeli security firm, which FIN7 has masqueraded as in other recent attacks.
Gemini believes that creating fake cybersecurity firms to conduct attacks is an attempt to hire cheap labor rather than partner with affiliates, who demand a much larger 70-80% share of any paid ransoms.