FIN7 hacking group elevates status in cybercrime space

Significant activity during the past year has made the FIN7 hacking group, also known as Carbanak, a prominent force in the cybercrime landscape, with the operation having compromised more than 8,147 victims around the world, most of which were in the U.S., according to The Hacker News. While FIN7 initially engaged in traditional social engineering tactics, the hacking group has moved to serve as an affiliate in ransomware attacks, a PRODAFT report revealed. Microsoft Exchange vulnerabilities have also been weaponized by the hacking group to infiltrate its targets. Aside from leveraging double extortion techniques, FIN7 has also engaged in distributing backdoors to already impacted systems, said researchers. "FIN7 has established itself as an extraordinarily versatile and well-known APT group that targets enterprise companies. Their signature move is to thoroughly research the companies based on their revenue, employee count, headquarters and website information to pinpoint the most profitable targets. Although they have internal issues related to the unequal distribution of obtained monetary resources and somewhat questionable practices towards their members, they have managed to establish a strong presence in the cybercrime sphere," said PRODAFT.