Security News > 2023 > May > Microsoft: Notorious FIN7 hackers return in Clop ransomware attacks
A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims' networks.
"The group was observed deploying the Clop ransomware in opportunistic attacks in April 2023, its first ransomware campaign since late 2021.".
The FBI has warned U.S. companies of USB drive-by attacks coordinated by FIN7, targeting the U.S. defense industry with packages containing malicious USB devices designed to deploy ransomware.
FIN7 operators have also impersonated Best Buy in similar attacks with malicious flash drives via USPS to hotels, restaurants, and retail businesses, packages that also bundled teddy bears to trick the targets into lowering their guard.
Although some FIN7 members have been arrested over the years, the hacking group is still active and going strong, as evidenced by this new round of attacks reported by Microsoft.
In April 2022, FIN7 "Pen tester" Denys Iarmak was sentenced to 5 years in prison for network breaches and credit card theft attacks spanning at least two years.
News URL
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- Clop ransomware claims responsibility for Cleo data theft attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)