Members of the now-defunct Conti ransomware gang have been using a new strain of malware developed by threat actors likely affiliated with the FIN7 hacking group. This suggests that the two teams collaborated in the malware development, indicating a cooperative effort.
In the past month, IBM discovered an innovative malware family known as “Domino,” which was developed by ITG14, aka FIN7, one of the most notorious cybercrime groups in the world. A lesser-known information stealer that has been advertised for sale on the dark web since December 2021 is included in Domino, which facilitates further exploitation of compromised systems.
Research by the X-Force team revealed that in May, when the Conti gang was disbanded, Conti threat actors began using Domino. This was about four months after FIN7 started using Domino in October last year.
The newly discovered Trojan horse, “Domino,” has been used by a Trickbot/Contini gang, ITG23, since February 2023, according to X-Force.
Domino’s code overlaps Lizar malware, previously linked to the FIN7 group, which IBM has discovered, according to an IBM research report. There are also similarities between malware families in terms of their functionality, configuration structure, and formats used for handling bots.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: