G0061 FIN8
Description
[FIN8](https://attack.mitre.org/groups/G0061) is a financially motivated threat group that has been active since at least January 2016 and is known for targeting organizations in the hospitality, retail, entertainment, insurance, technology, chemical, and financial sectors. In June 2021, security researchers detected [FIN8](https://attack.mitre.org/groups/G0061) switching from targeting point-of-sale (POS) devices to distributing a number of ransomware variants.(Citation: FireEye Obfuscation June 2017)(Citation: FireEye Fin8 May 2016)(Citation: Bitdefender Sardonic Aug 2021)(Citation: Symantec FIN8 Jul 2023)
References
- https://attack.mitre.org/groups/G0061
- https://web.archive.org/web/20170923102302/https://www.fireeye.com/blog/threat-research/2017/06/obfuscation-in-the-wild.html
- https://www.bitdefender.com/files/News/CaseStudies/study/401/Bitdefender-PR-Whitepaper-FIN8-creat5619-en-EN.pdf
- https://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html
- https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/syssphinx-fin8-backdoor
Software attributed to this · 4
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Software | PUNCHBUGGY (S0196) | 100% | live |
| Software | BADHATCH (S1081) | 95% | live |
| Software | Sardonic (S1085) | 95% | live |
| Software | PUNCHTRACK (S0197) | 95% | live |
Related by meaning · 6
Nearest entities by semantic similarity across the cs-graph corpus.