Bitdefender research has revealed elusive hacking group FIN8 is back and actively targeting organisations. The new report shows the group is gathering strength, actively building up its arsenal and becoming an increasingly hostile threat. FIN8 is known for launching tailored spear phishing campaigns targeting the retail, restaurant, and hospitality industries.
After a recent investigation of a blocked attack against a US bank customer, Bitdefender discovered that the cybercriminal group are using a new backdoor in attacks, naming it Sardonic. Sardonic is unique in that it uses plugin architecture allowing FIN8 to add capabilities without updating the entire malware.
Sardonic is under active development indicating the group is working to improve its evasion and intrusion features. FIN8’s return, and the new development of such advanced backdoor signals the start of a period of increased attacks.
Bitdefender is urging organisations (especially financial, retail, hospitality) to be on alert checking for known indicators of compromise.
Read the full report here.