Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 13 submissions in the queue.

Submission Preview

Link to Story

Fin7 'cyber-mafia' group giving heartburn to the U.S. restaurant industry

Accepted submission by a-zA-Z0-9$_.+!*'(),- at 2017-05-28 02:42:00 from the hand-over-your-wallet-and-no-one-gets-e-coli dept.
Security

Chris Bing from CyberScoop notes:

"A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent brand-name restaurants in the U.S. More than 20 U.S.-based hospitality companies — the sector that includes hotels and restaurants — have been successfully hacked by FIN7 since the summer of 2016..." https://www.cyberscoop.com/chipotle-hack-fin7-carbanak-baja-fresh-ruby-tuesday/ [cyberscoop.com]

Fin 7 also linked to the Carbanak APT https://en.wikipedia.org/wiki/Carbanak [wikipedia.org] and was accused a string of bank cyber-heists possibly totalling US $1 billion: https://threatpost.com/carbanak-ring-steals-1-billion-from-banks/111054/ [threatpost.com] https://securelist.com/blog/research/68732/the-great-bank-robbery-the-carbanak-apt/ [securelist.com]

This group has been described as "the first international cybermafia, a group of cybercriminals from Russia, Ukraine and other parts of Europe and China." and are suspected to have been involved with an SEC impersonation email campaign:

"In the phishing emails, FIN7 spoofed the sender email address as “EDGAR filings@sec.gov” in an email with an attachment reading disguised as a word doc entitled “Important_Changes_to_Form10_K.doc” " -http://www.readingeagle.com/business-weekly/article/scam-report-phishing-emails-target-executives-for-information.

Two other methods are also said to have been used in their attacks: fileless malware https://threatpost.com/hard-target-fileless-malware/125054/ [threatpost.com] and fake windows compatibility patches http://www.pcworld.com/article/3194523/security/financial-cybercrime-group-abuses-windows-app-compatibility-feature.html. [pcworld.com]


Original Submission