|
gptkbp:instanceOf
|
cybercrime
|
|
gptkbp:activeYearsStart
|
2015
|
|
gptkbp:alsoKnownAs
|
gptkb:Carbanak_Group
gptkb:Navigator_Group
|
|
gptkbp:arrested
|
gptkb:Germany
gptkb:Poland
gptkb:Russia
gptkb:Spain
gptkb:Ukraine
2018
|
|
gptkbp:connectsTo
|
gptkb:JokerStash
gptkb:Ryuk_ransomware
gptkb:TrickBot
REvil ransomware
BlackMatter ransomware
DarkSide ransomware
Maze ransomware
|
|
gptkbp:countryOfOrigin
|
gptkb:Russia
|
|
gptkbp:estimatedFinancialLosses
|
over $1 billion
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
FIN7 group
|
|
gptkbp:industry
|
retail
hospitality
restaurant chains
|
|
gptkbp:investigatedBy
|
gptkb:Europol
gptkb:FBI
|
|
gptkbp:mainActivity
|
cybercrime
financial theft
point-of-sale malware attacks
|
|
gptkbp:notableBattle
|
Arby's data breach
Chipotle Mexican Grill data breach
Red Robin data breach
|
|
gptkbp:notableMemberArrested
|
gptkb:Andrii_Kolpakov
gptkb:Dmytro_Fedorov
gptkb:Fedir_Hladyr
|
|
gptkbp:tactics
|
phishing emails
social engineering
custom malware
malware-laden attachments
|
|
gptkbp:uses
|
gptkb:Carbanak_malware
SQL injection
backdoors
PowerShell scripts
remote access tools
malicious documents
custom malware loaders
Cobalt Strike beacons
Grim Spider malware
POS malware
RATs (Remote Access Trojans)
|
|
gptkbp:usesMalware
|
gptkb:Grim_Spider
gptkb:Carbanak
gptkb:Cobalt_Strike
|
|
gptkbp:bfsParent
|
gptkb:Anunak_malware
|
|
gptkbp:bfsLayer
|
7
|