FIN7 tries to trick pentesters into launching ransomware attacks

The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting.

The Gemini researchers found that FIN7 was offering between $800 and $1,200 per month to recruit C++, PHP, and Python programmers, Windows system administrators, and reverse engineering specialists by following tips from an unnamed source.

All of these skills are required for pre-encryption stages of ransomware attacks, so it appears that this is what FIN7 is going after through these hiring rounds.

The attribution to FIN7 is quite strong, even though the source code of some of these tools was publicly leaked two years ago.

Another piece of evidence is that the software was purportedly licensed to “CheckPoint Software Inc”, the renowned Israeli security firm, which FIN7 has masqueraded as in other recent attacks.

FIN7 didn’t provide any legal documentation for this pentesting activity, so Gemini’s source realized they were probably dwelling inside a victimized company using access obtained via illegal means.

Share this article on social media:

Subscribe to Our Newsletter!

Stay on top of cybersecurity risks, evolving threats and industry news.

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

Tell us about your needs.
Get an answer the same business day.

Tell us about your needs.
Get an answer the same business day.

Fill out the form below and get an answer from our experts within 1 business day.
Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.
PCI-DSS

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project's scope
  • You get an all-inclusive, no engagement proposal

Scroll to Top

BOOK A MEETING

Enter Your
Corporate Email

BOOK A MEETING WITH AN EXPERT

Enter Your Corporate Email

Restez Informés!

Abonnez-vous pour rester au fait des dernières tendances, menaces, nouvelles et statistiques dans l’industrie.