FIN7 UNVEILED: A deep dive into notorious cybercrime gang
The big day is finally here! 🎊After months of tireless research and analyses, we can present you with the most insightful information: an extensive report on the notorious #cybercrime gang #FIN7.
Thanks to the PTI team, we obtained never-seen-before information about FIN7’s inner workings. We got a deeper understanding of their organizational structures, identities, attack vectors, and proof-supported affiliations with other ransomware groups, among others.
The most enticing remarks of the report are:
🔹 Unveiling FIN7’s development of an auto attack system to exploit the most profitable targets based on their revenue, employee count, headquarters’ location, and website information
Read more👇
🔹Demonstrating how FIN7 equipped itself with in-house developed tools to exploit recent MS Exchange vulnerabilities
🚨New #MicrosoftExchange#vulnerabilities were disclosed, including CVE-2022-41040 and CVE-2022-41082. Threat actors can easily exploit the new vulnerabilities, and bypass #ProxyNotShell URL rewrite mitigations, resulting in many companies facing further #ransomware#attacks.
An example of what such an exploit can do is shown in the picture below, where the #threat actor #FIN7 developed tailored systems to quickly discover and infiltrate the high-value targets by performing mass scans using #Microsoft#exchange#vulnerabilities.
Our PTI team has already observed activities involving recent vulnerabilities in the wild. Therefore, #PRODAFT recommends that companies fix the vulnerabilities as soon as possible to avoid serious consequences.