FIN7 hackers evolve toolset, work with multiple ransomware gangs


Level 18
Thread author
Top Poster
May 4, 2019
Threat analysts have compiled a detailed technical report on FIN7 operations from late 2021 to early 2022, showing that the adversary continues to be very active, evolving, and trying new monetization methods.

FIN7 (a.k.a. Carbanak) is a Russian-speaking, financially motivated actor known for its resourceful and diverse set of tactics, custom-made malware, and stealthy backdoors.
Although some members of the group were indicted in 2018, followed by the sentencing of one of its managers in 2021, FIN7 did not disappear and kept developing new tools for stealthy attacks.
A rich new set of FIN7 indicators of compromise based on the analysis of novel malware samples has been published by researchers at Mandiant, who continue to observe and track the group’s operations.
The evidence gathered from a range of cyber-intrusions has led the analysts to merge eight previously suspected UNC groups into FIN7, which indicates the broad scope of operations for the particular group.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.