The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size.
This system was discovered by Prodaft’s threat intelligence team, which has been closely following FIN7 operations for years now.
In a report shared with BleepingComputer before publication, Prodaft reveals details about FIN7’s internal hierarchy, affiliations with various ransomware projects, and a new SSH backdoor system used for stealing files from compromised networks.
Read more…
Source: Bleeping Computer