FIN8 Gang Backdoors Networks Via Revamped Sardonic Malware
FIN8, a financially motivated cybercrime gang, has been using BlackCat ransomware on networks that were infiltrated with a new version of Sardonic malware. Active since January 2016, they target industries like retail, healthcare, and entertainment. Despite their sporadic approach, they've impacted hundreds of organizations. Their extensive arsenal includes POS malware strains, Windows zero-day vulnerabilities, and spear-phishing campaigns. Recently, Symantec discovered a revamped version of their C++-based backdoor, Sardonic, indicating an attempt to avoid detection while retaining some of their known techniques. Read more...