Kaspersky: group Fin7 target 130 companies after the arrest of its leaders

Researchers discovered in the company of Kaspersky Lab , the number of attacks by the newly-hacking group notorious Fin7/Carbanak, after that it was thought that the group had dissolved in the wake of the arrest of a number of suspects of their leaders in the year 2018.

Used software malicious GRIFFON in detected attacks, which experts Kaspersky Lab to set Fin7 may be mounted after that expanded the number of the subversive groups operating under its umbrella; the increasing of its methods, cutting-edge, it announced itself as a legitimate security for the employment of professionals and deceive them to help her steal the money.

It is believed that Fin7 was behind the attacks targeting the segments of retail, restaurants and hospitality America since mid-year 2015, in close collaboration and exchange of tools and methods with a group Carbanak notorious. While focused Carbanak its disruptive to the banks, targeted Fin7 mostly companies, what is due her access to the value of millions of dollars of financial assets, such as credentials and payment card or account information on the computers in the finance departments. Once you get the vandalism on the way, they shifted money to offshore accounts.

According to the investigation conducted by Kaspersky Lab, it has the group continued its activity even in the shadow of the arrest of their leaders, the suspects last year, implementing campaigns and sophisticated trolling of him throughout the year 2018 distributed software subversive on each target through emails tailored to recipients. In different situations, exchange group messages with victims targeted on for weeks before sending the documents disruptive as attachments. And Kaspersky number of companies targeted in this way by more than 130 companies by the end of 2018.

The researchers also discovered a difference other criminal operating under the umbrella of Fin7. The use of common infrastructure and methods, techniques and procedures themselves should be Fin7 cooperating with the web bot has Web AveMaria groups known names CobaltGoblin/EmpireMonkey, believed to be behind the robbery of the bank occurred in Europe and Central America.

Related topics what you read now:

I discovered Kaspersky Lab also Fin7 has established a fake company claiming to be a legitimate company, services, e-Security has offices throughout Russia. Found that website this company is registered on the server that you are using Fin7 as the center of command and control. Were employed by the company counterfeit part-time researchers in the field of security holes the developers of the software interpreters, through sites employ a legitimate online. It seems that some individuals who work in this company is fake and never doubted their involvement to the work related to cyber crimes, as some of his expertise to work in this company in his CV.

Semi-Yuri Namestnikov – a security researcher has Kaspersky Lab – cyber threats modern the creature the Legendary Hydra lira, which is “if you cut the head of growth instead of two,” he said, “the best way a user can protect himself from threats consists in the application of Advanced Protection multi-layered, install all patch the software once it is released, and an analysis of the security products in all networks, systems and devices.”

To reduce the risk of one of the cyber threats, the users are advised to use security solutions to the functions dedicated to the Discovery attempts of the service and prevent it. Companies can protect their e-mail through oriented applications available in the package Kaspersky Endpoint Security for Business. Also helps solution Kaspersky Security for Microsoft Office 365 to protect the Postal Service’s Cloud Exchange Online Plans, Microsoft Office 365.

It recommends that the police also provide training on security awareness and teach practical skills, and help software, such as: Kaspersky Automated Security Awareness Platform in the promotion of skills and simulations of attacks phishing.

Leave a Reply

Your email address will not be published. Required fields are marked *