Microsoft: Notorious FIN7 hackers return in Clop ransomware attacks

2023-05-19 17:06

A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims' networks.

"The group was observed deploying the Clop ransomware in opportunistic attacks in April 2023, its first ransomware campaign since late 2021.".

The FBI has warned U.S. companies of USB drive-by attacks coordinated by FIN7, targeting the U.S. defense industry with packages containing malicious USB devices designed to deploy ransomware.

FIN7 operators have also impersonated Best Buy in similar attacks with malicious flash drives via USPS to hotels, restaurants, and retail businesses, packages that also bundled teddy bears to trick the targets into lowering their guard.

Although some FIN7 members have been arrested over the years, the hacking group is still active and going strong, as evidenced by this new round of attacks reported by Microsoft.

In April 2022, FIN7 "Pen tester" Denys Iarmak was sentenced to 5 years in prison for network breaches and credit card theft attacks spanning at least two years.

News URL

https://www.bleepingcomputer.com/news/security/microsoft-notorious-fin7-hackers-return-in-clop-ransomware-attacks/

#attack #clop #fin7 #hacker #microsoft #ransomware

News URL

Related news