IT-experts from Canada and Saudi Arabia warned about cyberattacks on Microsoft SharePoint servers that last…
FIN7 is known, among other things, for its Darkside and BlackMatter ransomware.
There are two options for such packages: some mimic messages from HHS (US Department of Health and Human Services), so they are often accompanied by letters with links to recommendations for protection against COVID-19, indicating to refer to the attached USB stick. Others mimic an Amazon package that came in a gift box and contain a fake thank you letter, a fake gift card, and a USB device. Both shipments are known to contain LilyGO branded USB devices.
According to law enforcement officials, if the victim connected such a device to their PC, the device performs a BadUSB attack, during which the device uses the HID, registers itself as a keyboard, and transmits a series of predefined keystrokes to the user’s machine.
These keystrokes launched PowerShell commands that already downloaded and installed various malware that acted as backdoors. In the cases investigated by the FBI, the hack group gained administrative access and then attacked other local systems.
Let me remind you that we talked about the fact that main Fin7 activity is stealing companies’ financial archives (including debit cards), and gaining access to financial data and computers of employees of financial departments in order to steal funds, and also that when Hackers from all over the world attack Microsoft SharePoint servers: noticed traces of famous FIN7.
News-bhexusa.xyz is a domain that tries to trick you into clik to its browser notifications…
News-bhupotu.xyz is a domain that tries to trick you into subscribing to its browser notifications…
News-bhocime.info is a site that tries to trick you into subscribing to its browser notifications…
You-hub.online is a site that tries to force you into clik to its browser notifications…
News-bhecudu.live is a domain that tries to force you into clik to its browser notifications…
News-bhiciwe.today is a site that tries to force you into clik to its browser notifications…