Security News > 2024 > July > FIN7 sells improved EDR killer tool
The cybercrime-focused enterprise known as FIN7 has come up with yet another trick to assure the effectiveness of its "EDR killer" tool, dubbed AvNeutralizer by researchers.
They spotted the tool being offered for sale on underground forums by several sellers/personas, which they suspect to be part of the FIN7 cluster.
Core Impact, a pentesting tool leveraging commercial-grade exploits.
Checkmarks, an automated attack system developed by FIN7 to exploit public-facing, vulnerable Microsoft Exchange servers.
"If initial attempts are unsuccessful, the SQLMap tool scans targets for potential SQL injection vulnerabilities. This module provides remote access to the victim's system, with FIN7 tailoring the system for seamless implementation and adaptability to various situations, thereby expanding the range of exploitable vulnerabilities," they researchers shared.
More recently, there have been reports of FIN7 leveraging malicious ads to deliver the NetSupport RAT on targets' machine, and setting up over 4,000 domains that will likely be used in phishing attacks.