FIN7

FIN7 is a Russian criminal advanced persistent threat group that has primarily targeted the U.S. retail, restaurant, and hospitality sectors since mid-2015. A portion of FIN7 is run out of the front company Combi Security. It has been called one of the most successful criminal hacking groups in the world.^[1]

History[]

In March 2017 FIN7 engaged in a spearfishing campaign of company employees involved with SEC filings.^[2]

In August 2018 three members of FIN7 were charged by the United States Department of Justice for cybercrimes impacted more than 100 U.S. companies.^[3]

In November 2018 it was reported that FIN7 were behind data breaches of Red Robin, Chili's, Arby's, Burgerville, Omni Hotels and Saks Fifth Avenue.^[4]

In March 2020 it was reported that FIN7 were engaged in BadUSB attacks.^[5]

In December 2020 it was reported that FIN7 may be a close collaborator of Ryuk.^[6]

In April 2021 a "high-level manager" of FIN7 Fedir Hladyr from Ukraine was sentenced to 10 years of prison in the United States after he pleaded guilty to charges of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.^[7]^[8]

References[]

^ "Fin7: The Billion-Dollar Hacking Group Behind a String of Big Breaches". Wired. ISSN 1059-1028. Retrieved 2021-03-15.
^ "FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings". FireEye. Retrieved 2021-03-15.
^ "Three Members of Notorious International Cybercrime Group "Fin7" In Custody for Role in Attacking Over 100 U.S. companies". www.justice.gov. 2018-08-01. Retrieved 2021-03-15.
^ Gorelik, Michael. "FIN7 Not Finished – Morphisec Spots New Campaign". blog.morphisec.com. Retrieved 2021-03-15.
^ Cimpanu, Catalin. "Rare BadUSB attack detected in the wild against US hospitality provider". ZDNet. Retrieved 2021-03-15.
^ "Collaboration between FIN7 and the RYUK group, a Truesec Investigation". TRUESEC Blog. 2020-12-22. Retrieved 2021-03-15.
^ "High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards". www.justice.gov. 2021-04-16. Retrieved 2021-04-22.
^ Palmer, Danny. "'High-level' organiser of FIN7 hacking group sentenced to 10 years in prison". ZDNet. Retrieved 2021-04-22.

This crime-related article is a stub. You can help Wikipedia by .

[1] "Fin7: The Billion-Dollar Hacking Group Behind a String of Big Breaches". Wired. ISSN 1059-1028. Retrieved 2021-03-15.

[2] "FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings". FireEye. Retrieved 2021-03-15.

[3] "Three Members of Notorious International Cybercrime Group "Fin7" In Custody for Role in Attacking Over 100 U.S. companies". www.justice.gov. 2018-08-01. Retrieved 2021-03-15.

[4] Gorelik, Michael. "FIN7 Not Finished – Morphisec Spots New Campaign". blog.morphisec.com. Retrieved 2021-03-15.

[5] Cimpanu, Catalin. "Rare BadUSB attack detected in the wild against US hospitality provider". ZDNet. Retrieved 2021-03-15.

[6] "Collaboration between FIN7 and the RYUK group, a Truesec Investigation". TRUESEC Blog. 2020-12-22. Retrieved 2021-03-15.

[7] "High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards". www.justice.gov. 2021-04-16. Retrieved 2021-04-22.

[8] Palmer, Danny. "'High-level' organiser of FIN7 hacking group sentenced to 10 years in prison". ZDNet. Retrieved 2021-04-22.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]