| SYMBOL | COMMON_NAME | aka. SYNONYMS |
FIN8 is a financially motivated group targeting the retail, hospitality and entertainment industries. The actor had previously conducted several tailored spearphishing campaigns using the downloader PUNCHBUGGY and POS malware PUNCHTRACK.
| 2021-08-15
⋅
Symantec
⋅
The Ransomware Threat Babuk BlackMatter DarkSide Avaddon Babuk BADHATCH BazarBackdoor BlackMatter Clop Cobalt Strike Conti DarkSide DoppelPaymer Egregor Emotet FiveHands FriedEx Hades IcedID LockBit Maze MegaCortex MimiKatz QakBot RagnarLocker REvil Ryuk TrickBot WastedLocker |
| 2021-03-15
⋅
Team Cymru
⋅
FIN8: BADHATCH Threat Indicator Enrichmen BADHATCH |
| 2021-03-10
⋅
Bitdefender
⋅
FIN8 Returns with Improved BADHATCH Toolkit BADHATCH |
| 2019-12-31
⋅
One Night in Norfolk
⋅
Fuel Pumps II – PoSlurp.B PoSlurp |
| 2019-08-15
⋅
Twitter (@just_windex)
⋅
Tweet on PoSlurp.B PoSlurp |
| 2019-07-23
⋅
Gigamon
⋅
ABADBABE 8BADF00D: Discovering BADHATCH and a Detailed Look at FIN8’s Tooling PoSlurp Powersniff |
| 2019-07-23
⋅
Gigamon
⋅
ABADBABE 8BADF00D: Discovering BADHATCH and a Detailed Look at FIN8’s Tooling BADHATCH |
| 2019-01-01
⋅
MITRE
⋅
Group description: FIN8 FIN8 |
| 2017-06-30
⋅
FireEye
⋅
Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques FIN8 |
| 2017-06-19
⋅
root9b
⋅
SHELLTEA + POSLURP Malware Memory-resident Point-of-Sale Malware Attacks Industry FIN8 |
| 2017-06-19
⋅
root9b
⋅
SHELLTEA + POSLURP Malware Memory-resident Point-of-Sale Malware Attacks Industry PoSlurp FIN8 |
| 2017-04-20
⋅
Mandiant
⋅
M-Trends 2017 FIN8 |
| 2017-03-14
⋅
FireEye
⋅
M-Trend 2017: A View From the Front Lines DistTrack Powersniff FIN8 |
| 2016-06-08
⋅
FireEye
⋅
Spear Phishing Attacks: Why They are Successful and How to Stop Them FIN8 |
| 2016-05-11
⋅
FireEye
⋅
Threat Actor Leverages Windows Zero-day Exploit in Payment Card Data Attacks FIN8 |