Chris Bing from CyberScoop notes:
"A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent brand-name restaurants in the U.S. More than 20 U.S.-based hospitality companies — the sector that includes hotels and restaurants — have been successfully hacked by FIN7 since the summer of 2016..." https://www.cyberscoop.com/chipotle-hack-fin7-carbanak-baja-fresh-ruby-tuesday/ (Javascript required.)
FIN7 is also linked to the Carbanak APT https://en.wikipedia.org/wiki/Carbanak and was accused of a string of bank cyber-heists possibly totalling US $1 billion: https://threatpost.com/carbanak-ring-steals-1-billion-from-banks/111054/ https://securelist.com/blog/research/68732/the-great-bank-robbery-the-carbanak-apt/
This group has been described as "the first international cybermafia, a group of cybercriminals from Russia, Ukraine and other parts of Europe and China." and is suspected to have been involved with an SEC impersonation email campaign:
"In the phishing emails, FIN7 spoofed the sender email address as "EDGAR filings@sec.gov" in an email with an attachment reading disguised as a word doc entitled "Important_Changes_to_Form10_K.doc" " -http://www.readingeagle.com/business-weekly/article/scam-report-phishing-emails-target-executives-for-information.
Two other methods are also said to have been used in their attacks: fileless malware https://threatpost.com/hard-target-fileless-malware/125054/ and fake Windows compatibility patches http://www.pcworld.com/article/3194523/security/financial-cybercrime-group-abuses-windows-app-compatibility-feature.html.
(Score: 0) by Anonymous Coward on Monday May 29 2017, @02:05PM (1 child)
...what is wrong with Chipotle?
(Score: 0) by Anonymous Coward on Monday May 29 2017, @02:42PM
They forgot to update their antivirus.