Traditionally associated with payment card theft, the cybercriminal group FIN6 has expanded its operations to apparently include ransomware attacks using the malicious encryption programs Ryuk and LockerGoga, according to researchers.
Investigations by the FireEye Intelligence research team and the company’s Mandiant division have revealed that FIN6’s ransomware activity dates back to July 2018, and has reportedly caused tens of millions of dollars in damage. Such behavior is a far cry from the group’s more traditional m.o., which involves using malware to steal card data from retail and hospital companies, and then selling that information on underground marketplaces.
No comments:
Post a Comment