FIN7’s Liquor Lure Compromises Law Firm with Backdoor
#1
Information 
Quote:Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoader remote-access trojan (RAT), researchers said.
 
According to eSentire’s Threat Response Unit (TRU), the successful breach for FIN7 (aka Carbanak Group or Navigator Group) was part of a wider, non-targeted email campaign. It purports to relate to a legal complaint centering around liquor giant Brown-Forman.
 
“One of the victims of the malicious legal complaint campaign was a law firm,” researchers said in a posting this week. “The lure successfully bypassed the law firm’s email filters, and it was not detected as suspicious by any of the firm’s employees.”
 
The ultimate purpose of installing the backdoor is unclear. FIN7 usually carries out targeted attacks on point-of-sale systems at casual-dining restaurants, casinos and hotels; or, it infiltrates systems to steal bank-card data and sell it. Since 2020, it has also added ransomware/data exfiltration attacks to its mix, carefully selecting targets according to revenue using the ZoomInfo service.
 
“It is plausible that proficient financial cybercrime groups, such as FIN7, are providing initial access to seasoned ransomware groups, such as REvil (aka Sodinokibi), Ryuk, etc. as a way to monetize their access,” according to TRU.

Read more: FIN7 Liquor Lure Compromises Law Firm with Backdoor | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>