Security News

FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor
2021-09-06 03:16

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale service provider located in the U.S. The attacks, which are believed to have taken place between late June to late July 2021, have been attributed with "Moderate confidence" to a financially motivated threat actor dubbed FIN7, according to researchers from cybersecurity firm Anomali. "The group's goal appears to have been to deliver a variation of a JavaScript backdoor used by FIN7 since at least 2018.".

FIN7 Capitalizes on Windows 11 Release in Latest Gambit
2021-09-03 16:07

The FIN7 financial cybercrime gang is back, delivering JavaScript backdoors using Word documents themed around the next version of Windows. That's according to researchers at Anomali, who observed a recent campaign from the group that leveraged six different docs, all referencing "Windows 11 Alpha" - the "Insider Preview" version of the upcoming Windows 11 operating system from Microsoft.

FIN7’s Liquor Lure Compromises Law Firm with Backdoor
2021-07-23 16:24

Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. According to eSentire's Threat Response Unit, the successful breach for FIN7 was part of a wider, non-targeted email campaign.

FIN7 Supervisor Gets 7-Year Jail Term for Stealing Millions of Credit Cards
2021-06-27 20:04

A Ukrainian national and a mid-​level supervisor of the hacking group known as FIN7 has been sentenced to seven years in prison for his role as a "Pen tester" and perpetuating a criminal scheme that enabled the gang to compromise millions of customers debit and credit cards. FIN7, also called Anunak, Carbanak Group, and the Navigator Group, is said to have engaged in a sophisticated malware campaign at least since 2015 targeting restaurant, gambling, and hospitality industries in the U.S. to plunder credit and debit card numbers that were then used or sold for profit on underground forums.

Jailed for seven years: Cyber-crook who broke into Big Biz to steal bank card info for FIN7 super-gang
2021-06-25 23:41

An expert penetration tester working for the notorious cyber-crime gang FIN7 was sent down for seven years on Friday and told to cough up $2.5m for breaking into corporate computer systems. FIN7 injected malware into the networks of thousands of American food, hospitality, and gaming chains to steal customers' financial details.

FIN7 ‘Pen Tester’ Headed to Jail Amid $1B in Payment-Card Losses
2021-06-25 18:06

A so-called "Pen-tester" for the financial cybergang known as FIN7 will spend seven years in the slammer after being convicted for payment-card theft. FIN7 is a well-known threat that's been circulating since at least 2015.

Member of FIN7 Cybercrime Gang Sentenced to Prison in U.S.
2021-06-25 11:51

A Ukrainian man has been sentenced to seven years in prison in the United States for his role within the cybercrime group known as FIN7. Operating since at least 2015, the financially-motivated FIN7 group targeted businesses worldwide to steal payment card data.

FIN7 Backdoor Masquerades as Ethical Hacking Tool
2021-05-14 17:36

The notorious FIN7 cybercrime gang, a financially motivated group, is spreading a backdoor called Lizar under the guise of being a Windows pen-testing tool for ethical hackers. According to the BI.ZONE Cyber Threats Research Team, FIN7 is pretending to be a legitimate organization that hawks a security-analysis tool.

Sysadmin for FIN7 criminal cracking group gets 10 years in US prison for managing card slurping malware scam
2021-04-19 14:15

The former systems administrator for the FIN7 card-slurping gang has been sentenced to 10 years in a US prison. Fedir Hladyr, 35, pled guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking last year, and on Friday was sentenced for his role in the theft and resale of over than 20 million customer card records from over 6,500 point-of-sale terminals across the US using the malware dubbed Carbanak.

Member of FIN7 Hacking Group Sentenced to US Prison
2021-04-19 11:39

A Ukrainian national arrested for his role in a hacking group that compromised millions of financial accounts was sentenced to a decade in prison, US prosecutors said Friday. Fedir Hladyr, 35, had a high-level role as a manager and systems administrator for a hacking group known at FIN7, authorities said.