Information Security News mailing list archives
Cybercrime group FIN6 evolves from POS malware to ransomware
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 9 Apr 2019 07:49:44 +0000 (UTC)
https://www.zdnet.com/article/cybercrime-group-fin6-evolves-from-pos-malware-to-ransomware/ By Catalin Cimpanu Zero Day ZDNet News April 8, 2019A cybercrime group known primarily for hacking retailers and stealing payment card details from point-of-sale (POS) systems has changed tactics and is now also deploying ransomware on infected networks.
The group --named FIN6-- has a reputation in the cyber-security field for being one of the most advanced cyber-criminal groups around.
Its activities were first documented in the spring of 2016, when FireEye published a first report detailing its extensive hacks and advanced arsenal.
At the time, the group had developed a versatile POS malware strain named Trinity (aka FrameworkPOS). FIN6 would hack into the networks of major retailers, move laterally across their systems, and deploy Trinity on computers that handled POS data to extract payment card details that they would later upload on their own servers.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Cybercrime group FIN6 evolves from POS malware to ransomware InfoSec News (Apr 09)