FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks

The financially motivated cybercrime gang behind the Carbanak backdoor malware, FIN7, has hit upon a genius idea for maximizing profit from ransomware: Hire real pen-testers to do some of their dirty work instead of striking partnerships with other criminals.

According to a report from Gemini Advisory, the group has set up a fake security company (called “Bastion Secure”) and is looking to hire security pros under the guise of needing red-teaming expertise for its clients. In reality, the duped “employees” are carrying out malicious activity, unbeknownst to them.

It’s not the first time FIN7 has masqueraded as a legitimate security firm, but this latest gambit showcases its continued expansion into the ransomware area, researchers noted.

Read more…
Source: ThreatPost