FIN7 hackers evolve operations with ransomware, novel backdoor

The FIN7 hacking group is back with a campaign that shows off a novel backdoor and other new malicious tools.

FIN7 is considered a key threat actor today and has severely impacted countless financial organizations worldwide.

ZDNet Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read More

This money-motivated cyberattack group, also tracked as Carbanak, specializes in Business Email Compromise (BEC) scams and point-of-sale (PoS) system intrusions. The group attempts to steal consumer payment card data and, in recent years, has continued to innovate and refine its intrusion methods.

Active since at least 2015, FIN7 has a range of custom malware in its toolset, including backdoors, information stealers, the SQLRat SQL script dropper, the Loudout downloader, and has even used mailed USB drives sent to businesses in the past to infect its victims with malware.

Recently, cybersecurity researchers tied FIN7 to ransomware operators, including REvil, Darkmatter, and Alphv.

Despite arrests and the sentencing of high-level FIN7 members, the attack waves continue, with the latest including the “use of

Read More: