Tracking a Cyber Crime Group: FIN7 at a Glance

The United States District Attorney’s Office for the Western District of Washington recently unsealed indictments and announced the arrests of three individuals linked to a criminal organization we have been tracking since 2015 as FIN7. With the threat group in the news quite a bit lately, I sat down to discuss the actors and the arrests with two of the foremost FIN7 experts: Nick Carr and Barry Vengerik from FireEye’s Advanced Practices Team.

During our chat, Nick, Barry and I discussed a wide variety of topics, including FIN7’s targeting, why they chose the particular sectors that they did, how they gained an initial foothold in organizations, their tools and tactics, techniques and procedures (TTPs), some of the methods FireEye used to track the group, and some of the ways FIN7 activity changed following arrests made as far back as January.

Check out our podcast today to hear the entire discussion. More information on FIN7 and many other threat groups can be found in our Intel Portal as part of our FireEye iSIGHT Threat Intelligence offering.