ROconfidence: 50G0085

WOLF SPIDERWOLF SPIDER

Also known as: FIN4 · G0085 · WOLF SPIDER

Origin
RO
Known aliases
3
Attribution
50

Profile

FIN4 is a financially-motivated threat group that has targeted confidential information related to the public financial market, particularly regarding healthcare and pharmaceutical companies, since at least 2013. FIN4 is unique in that they do not infect victims with typical persistent malware, but rather they focus on capturing credentials authorized to access email and other non-public correspondence.

Aliases· 3

FIN4WOLF SPIDER
G0085

MITRE ATT&CK Group crosswalk

G0085

References

  1. https://www.reuters.com/article/2015/06/23/us-hackers-insidertrading-idUSKBN0P31M720150623
  2. https://www.fireeye.com/blog/threat-research/2014/11/fin4_stealing_insid.html
  3. https://www2.fireeye.com/rs/fireye/images/rpt-fin4.pdf
  4. https://pwc.blogs.com/cyber_security_updates/2015/06/unfin4ished-business.html
  5. https://attack.mitre.org/groups/G0085/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Group
FIN4
Actor
SHARK SPIDER
Group
FIN10
Actor
FIN5
Actor
FIN8
Actor
FIN6
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.