The notorious FIN7 hacking group has been identified selling a custom tool called “AvNeutralizer,” designed to bypass detection by disabling enterprise endpoint protection software on corporate networks.
Believed to be a Russian hacking group active since 2013, FIN7 initially focused on financial fraud, hacking organizations, and stealing debit and credit card information.
Subsequently, the group ventured into the ransomware domain and became linked with the DarkSide and BlackMatter ransomware platforms. The same threat actors are also suspected of being associated with the BlackCat ransomware operation, which recently conducted an exit scam after pilfering a ransom payment from UnitedHealth.
FIN7 is notorious for its sophisticated phishing and social engineering attacks, which they use to gain initial access to corporate networks. Their methods have included impersonating BestBuy to distribute malicious USB drives and developing custom malware and tools.
The group also created a fake security company called Bastion Secure to recruit pentesters and developers for ransomware attacks without the applicants realizing the true nature of their work.
FIN7 is tracked under various aliases, including Sangria Tempest, Carbon Spider, and the Carbanak Group.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: