14 matches found
FIN8 Strikes with Noberus Ransomware via Altered Sardonic Backdoor
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The financially motivated threat actor FIN8 has been detected employing a revised variant of the backdoor known as Sardonic to deliver the Noberus ransomware. To receive real-time threat advisories, plea...
FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks
The financially motivated threat actor known as FIN8 has been observed using a "revamped" version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-crime group to...
PT-2023-3575
Name of the Vulnerable Software and Affected Versions Citrix NetScaler ADC affected versions not specified Citrix NetScaler Gateway affected versions not specified Description An issue in Citrix NetScaler ADC and NetScaler Gateway involves incorrect code generation management, leading to...
FIN8 Hacker group using new ‘White Rabbit’ Ransomware against U.S. Banks
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. White Rabbit is a ransomware family that has only recently been discovered. It could be a subsidiary project of the FIN8 hacking gang. A ransomware expert seeking for a sample of the malware made the first public disclosure...
FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks
The financially motivated FIN8 actor, in all likelihood, has resurfaced with a never-before-seen ransomware strain called "White Rabbit" that was recently deployed against a local bank in the U.S. in December 2021. That's according to new findings published by Trend Micro, calling out the malware...
New ‘White Rabbit’ Ransomware May Be New FIN8 Tool
A new ransomware family, White Rabbit, chewed through a local U.S. bank last month — and it may be connected to the financially motivated advanced persistent threat APT group known as FIN8, researchers said. In a Tuesday report, Trend Micro researchers said that this twicky wabbit knows how to...
FIN8 Targets US Bank With New ‘Sardonic’ Backdoor
The financially motivated FIN8 cybergang used a brand-new backdoor – dubbed Sardonic by the Bitdender researchers who first spotted it – in attempted but unsuccessful breaches of networks belonging to two unidentified U.S. financial organizations. It’s a nimble newcomer, researchers wrote: “The...
FIN8 Resurfaces with New Sardonic Backdoor
By Deeba Ahmed In its latest attack, FIN8 is infiltrating companies to carry out surveillance and obtain privilege escalation to deploy a payload of malware called Sardonic. This is a post from HackRead.com Read the original post: FIN8 Resurfaces with New Sardonic Backdoor...
Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions
A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely new backdoor on infected systems, indicating the operators are continuously retooling their malware arsenal to avoid detection and st...
The Malwarebytes 2021 State of Malware report: Lock and Code S02E04
This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report, which analyzed the top cybercrime goals of 2020 amidst the global pandemic. If you just pay...
FIN8 Resurfaces with Revamped Backdoor Malware
The FIN8 cyberattack group has resurfaced after a period of relative quiet, researchers have found. The gang is using new versions of the BadHatch backdoor to compromise companies in the chemical insurance, retail and technology industries. The attacks have been seen hitting organizations around...
FIN8 Hackers Return With More Powerful Version of BADHATCH PoS Malware
Threat actors known for keeping a low profile do so by ceasing operations for prolonged periods in between to evade attracting any attention as well as constantly refining their toolsets to fly below the radar of many detection technologies. One such group is FIN8, a financially motivated threat...
FIN8 Targets Card Data at Fuel Pumps
The notorious FIN8 cybercrime group has a new target when it comes to skimming payment-card details from consumers: Point-of-sale PoS systems used at fuel pumps at gas stations. Visa warned this week in a public alert posted online that its Payment Fraud Disruption PFD department has seen at leas...
Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques
Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers. Cyber espionage groups and financial threat actors continue to adopt the latest cutting-edge application whitelisting bypass techniques and introduce innovative...