Carbanak and FIN7 Attack Techniques

Constant monitoring of threat groups is one of the ways that security researchers and law enforcement agencies are able to defend systems against cybercrime. Among these cybercriminals are the financially motivated threat groups Carbanak and FIN7. Although both names have at times been used to refer to the same group, organizations such as MITRE identify them as two separate entities that wield the Carbanak backdoor in their attacks. However, the groups use not just the Carbanak backdoor but also other types of malware such as Pillowmint, a point-of-sale malware, and Tirion, which is said to be geared to replace Carbanak.

MITRE also identifies different main targets for each group: While Carbanak focuses on banking institutions, FIN7 targets food, hospitality, and retail establishments.

This week, the results of this year’s round of the MITRE Engenuity ATT&CK Evaluations, which focused on Carbanak+FIN7, were released. We also separately discussed how Trend Micro solutions deal with these threats.

Source: Trend Micro