FIN8 cybercrime group resurges with improved hacking tool

Written by Mar 10, 2021 | CYBERSCOOP

A financially motivated hacking group that appeared to drop off the map a year and a half ago is back with a new and improved backdoor, according to BitDefender research published Wednesday.


Over the last year, the criminal hacking group, known as FIN8, has primarily targeted companies in the retail, technology, chemical and insurance industries with its updated point-of-sale malware, and has compromised organizations in the U.S., Canada, South Africa, Puerto Rico, Panama and Italy, according to the research. FIN8, which FireEye researchers first observed in operation in 2016, has historically targeted organizations in the retail, restaurant and hospitality industries with emails containing malicious Microsoft Word documents.


The updated backdoor, known as BADHATCH, has incorporated screen capturing, proxy tunneling and fileless execution, the researchers write. The backdoor has also likely added credential-stealing capabilities, according to the research.


BitDefender does not identify which organizations have been compromised.


An earlier version of BADHATCH, which researchers at Gigamon and Trend Micro observed in 2019, allowed attackers to target victims with other malware payloads, including PoSlurp and ShellTea, which enabled the hacking group to ..
