Common Information
Type | Value |
---|---|
Value | G0061 |
Category | Actor |
Type | Threat-Actor |
Misp Type | Cluster |
Description | FIN8 is a financially motivated group targeting the retail, hospitality and entertainment industries. The actor had previously conducted several tailored spearphishing campaigns using the downloader PUNCHBUGGY and POS malware PUNCHTRACK. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-11-09 | 1 | Hive Ransomware Resurfaces as Hunters International, Bitdefender Claim | ||
Details | Website | 2023-10-20 | 1 | Europol: ‘Key target’ in Ragnar Locker ransomware operation arrested in Paris | ||
Details | Website | 2023-10-06 | 15 | X-Force uncovers global NetScaler Gateway credential harvesting campaign | ||
Details | Website | 2023-09-04 | 14 | 4th September – Threat Intelligence Report - Check Point Research | ||
Details | Website | 2023-08-29 | 9 | FIN8-linked actor targets Citrix NetScaler systems | ||
Details | Website | 2023-08-09 | 17 | Norwegian Cyberattack, Virustotal Data Leak and AI powered BEC | ||
Details | Website | 2023-08-01 | 33 | The Double Extortion Group, 8Base | ||
Details | Website | 2023-07-25 | 3 | FIN8 Spear-Phishing | ||
Details | Website | 2023-07-24 | 418 | RST TI Report Digest: 24 Jul 2023 | ||
Details | Website | 2023-07-21 | 3 | Rewterz Threat Advisory – ICS: Rockwell Automation ThinManager ThinServer Vulnerability | ||
Details | Website | 2023-07-21 | 3 | Rewterz Threat Advisory – CVE-2023-28767 – Multiple Zyxel Devices Vulnerability | ||
Details | Website | 2023-07-21 | 5 | The Week in Ransomware - July 21st 2023 - Avaddon Back as NoEscape | ||
Details | Website | 2023-07-20 | 27 | Rewterz Threat Alert – FIN8 Utilizes Sardonic Malware Variant to Execute ALPHV Ransomware Attack – Active IOCs | ||
Details | Website | 2023-07-20 | 35 | Rewterz Threat Alert – Russian State-Sponsored Turla Hacking Group Launches Targeted Attacks – Active IOCs | ||
Details | Website | 2023-07-20 | 3 | Rewterz Threat Advisory – CVE-2023-22014 – Oracle PeopleSoft Enterprise PeopleTools Vulnerability | ||
Details | Website | 2023-07-20 | 2 | FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware | ||
Details | Website | 2023-07-20 | 10 | FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware | ||
Details | Website | 2023-07-20 | 6 | News – July 2023 – Cyber Security Review | ||
Details | Website | 2023-07-20 | 1 | The Week in Security: Google Cloud Build permissions can be poisoned, WormGPT weaponizes AI | ||
Details | Website | 2023-07-19 | 6 | Cyber Briefing: 2023.07.19 | ||
Details | Website | 2023-07-19 | 23 | FIN8 Revamped Hacking Toolkit with New Stealthy Attack Features | ||
Details | Website | 2023-07-19 | 1 | FIN8 is rewriting its backdoor malware to avoid detection | ||
Details | Website | 2023-07-19 | 1 | FIN8 deploys ALPHV ransomware using Sardonic malware variant - RedPacket Security | ||
Details | Website | 2023-07-18 | 1 | FIN8 Modifies 'Sardonic' Backdoor to Deliver BlackCat Ransomware | ||
Details | Website | 2023-07-18 | 3 | FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks |