FIN7: The Truth Doesn't Need to be so STARK
Essential information
- Published: 16/08/2024 08:13
- Modified: 16/08/2024 08:26
- Tags: 2024-08-16 cybercrime cybersecurity collaboration financially-motivated malicious infrastructure threat group
- Related entities: 103 observables, 1 intrusion sets (apt), 15 techniques (mitre)
Description
In this collaborative effort, cybersecurity researchers from Silent Push, Stark Industries Solutions, and Team Cymru have identified and disrupted infrastructure associated with the financially motivated threat group FIN7. The analysis uncovered two clusters of potential FIN7 activity communicating with Stark-assigned IP addresses, indicating the group's abuse of legitimate hosting services. Through cooperation with Stark, the researchers were able to identify and suspend numerous malicious domains and IP addresses linked to FIN7's operations across various sectors.