- Feb 4, 2016
- 2,520
While most ransomware actors spend time on the victim network looking for important data to steal, one group favors quick malware deployment against sensitive, high-value targets.
It can take less than two days for the FIN12 gang to execute on the target network a file-encrypting payload - most of the time Ryuk ransomware.
Fast-moving FIN12
FIN12 is a prolific threat actor with a strong focus on making money that executes ransomware attacks since at least October 2018.
The group is a close partner of the TrickBot gang and targets high-revenue victims (above $300 million) from various activity sectors and regions on the globe.