FIN10: Anatomy of a Ransomware Phishing Extortion Operation

save

Share and earn Cybytes

fin10-cyber-extortionist-canadian-mining-firms-casinos-to-ransom-2.png

Cyber security firm FireEye reported that that a number of Canadian mines and casinos were hacked by a group named FIN10 – FireEye labels FIN10 to be “one of the most disruptive threat actors observed in the region.” It has been identified that these cyber criminals might be native English speakers.

FIN10 used phishing campaigns with malicious links, attachments, and documents, and also led users to compromised websites masked as either a legitimate holiday scheduling system or providing access to an online document like Google Docs. Clicking or accessing these would activate the ransomware and drop remote access trojans.

Share this post and earn Cybytes

85 Followers

About KnowBe4

KnowBe4, the provider of the world’s most popular integrated new school security awareness training and simulated phishing platform, is used by more than 9,500 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO Fraud and other social engineering tactics through a new school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4’s Chief Hacking Officer, helped design KnowBe4’s trainings based on his well-documented social engineering tactics. Thousands of organizations trust KnowBe4 to mobilize their end-users as the last line of corporate IT defense.

Promoted Content

Free Ransomware Simulator Tool

Will your network stop ransomware from getting in? RanSim tests against 10 different infection scenarios. Start now and get your results in minutes!

View

126

Fun Thanksgiving Landing Page

Just like we did for Halloween, Natalie has created a new Thanksgiving landing page, to coincide with any phishing tests set up to run around the Thanksgiving holiday.

Save

11/14/2018

The Fundamental Importance of Choice and Variety in Security Awareness Program Content

By Perry Carpenter, KnowBe4 Chief Evangelist and Strategy Officer. I’m a bit of an oddball when it comes to the security awareness market in that I’ve seen it from vi

Save

9/10/2018

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Student Support

Get Support

Other Pages

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Support Cybrary