The “FIN12” threat group has been attracting attention for deploying ransomware in a quarter of the time typically needed, making it one of the fastest ransomware groups active today. Unlike other groups, FIN12 has not fully embraced the double-extortion technique, relying mainly on encryption. This approach enables the group to focus on improving attack efficiency, and to avoid problems with managing data-leak websites. FIN12 has primarily targeted the healthcare sector; the elevated risk posed by blocking access to healthcare systems likely explains the group’s success in receiving ransom payments. Such attacks have allegedly resulted in deaths. Regardless of the consequences, FIN12 is expected to wage more attacks, and probably become more efficient and destructive.
Most Recent Flipbooks
Main story: Rogue ex-developer leaks LockBit 3.0 builder
Main story: Uber compromised by Lapsus$'s resurgence
Main story: Cyber attacks shock the Italian energy sector
Main story: Back to school for students and ransomware groups
Main story: LastPass suffers source code data breach
Main story: LockBit under DDoS attack: Entrust strikes back?
Main Story: Cisco defies extortion attempts after network breach
Main story: Cybercriminals scramble for new hiding places after 911 proxy service folds
Main story: Free-to-use Redeemer opens doors for ransomware enthusiasts
Main story: LockBit launches new version, welcomes bug hunters
Main story: Attackers seize Microsoft zero-day for malware dissemination, espionage