Tracking a Cyber Crime Group: FIN7 at a Glance

The United States District Attorney’s Office for the Western District
of Washington recently unsealed indictments and announced the arrests
of three individuals linked to a criminal organization we have been
tracking since 2015 as FIN7. With the threat group in the news quite a
bit lately, FireEye CTO, Grady Summers sat down to discuss the actors
and the arrests with two of the foremost FIN7 experts: Nick Carr and
Barry Vengerik from FireEye’s Advanced Practices Team.

They discussed a wide variety of topics, including FIN7’s targeting,
why they chose the particular sectors that they did, how they gained
an initial foothold in organizations, their tools and tactics,
techniques and procedures (TTPs), some of the methods FireEye used to
track the group, and some of the ways FIN7 activity changed following
arrests made as far back as January 2018.

More information on FIN7 and many other threat groups can be found in
our Intel Portal as part of our FireEye iSIGHT Threat Intelligence
offering.