FIN7 tries to trick pentesters into launching ransomware attacks

Share on linkedin
Share on facebook
Share on twitter

The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting.

The Gemini researchers found that FIN7 was offering between $800 and $1,200 per month to recruit C++, PHP, and Python programmers, Windows system administrators, and reverse engineering specialists by following tips from an unnamed source.

All of these skills are required for pre-encryption stages of ransomware attacks, so it appears that this is what FIN7 is going after through these hiring rounds.

The attribution to FIN7 is quite strong, even though the source code of some of these tools was publicly leaked two years ago.

Another piece of evidence is that the software was purportedly licensed to “CheckPoint Software Inc”, the renowned Israeli security firm, which FIN7 has masqueraded as in other recent attacks.

FIN7 didn’t provide any legal documentation for this pentesting activity, so Gemini’s source realized they were probably dwelling inside a victimized company using access obtained via illegal means.

Stay on Top of Cyber Threats!

Subscribe to our monthly bulletin to stay updated on major cybersecurity risks.

Follow us on Socials:

Recent Cybersecurity News

Emotet now spreads via fake Adobe Windows App Installer packages

The Emotet malware is now distributed through malicious Windows App Installer packages that...
Read The Article

Critical Wormable Security Flaw Found in Several HP Printer Models

Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers...
Read The Article

Panasonic discloses data breach after network hack

Japanese multinational conglomerate Panasonic disclosed a security breach after unknown threat actors gained...
Read The Article

Contact a Specialist

Discover why 1,000+ organizations trust our expertise to improve their cybersecurity.

Stay Updated on Cyber Risks!

Subscribe to the Vumetric Monthly Bulletin to keep up with breaking news in the cybersecurity industry.