FIN7 group

GPTKB entity

Statements (54)
Predicate Object
gptkbp:instanceOf cybercrime
gptkbp:activeYearsStart 2015
gptkbp:alsoKnownAs gptkb:Carbanak_Group, gptkb:Navigator_Group
gptkbp:arrested gptkb:Germany, gptkb:Poland, gptkb:Russia, gptkb:Spain, gptkb:Ukraine, 2018
gptkbp:connectsTo gptkb:JokerStash, gptkb:Ryuk_ransomware, gptkb:TrickBot, REvil ransomware, BlackMatter ransomware, DarkSide ransomware, Maze ransomware
gptkbp:countryOfOrigin gptkb:Russia
gptkbp:estimatedFinancialLosses over $1 billion
https://www.w3.org/2000/01/rdf-schema#label FIN7 group
gptkbp:industry retail, hospitality, restaurant chains
gptkbp:investigatedBy gptkb:Europol, gptkb:FBI
gptkbp:mainActivity cybercrime, financial theft, point-of-sale malware attacks
gptkbp:notableBattle Arby's data breach, Chipotle Mexican Grill data breach, Red Robin data breach
gptkbp:notableMemberArrested gptkb:Andrii_Kolpakov, gptkb:Dmytro_Fedorov, gptkb:Fedir_Hladyr
gptkbp:tactics phishing emails, social engineering, custom malware, malware-laden attachments
gptkbp:uses gptkb:Carbanak_malware, SQL injection, backdoors, PowerShell scripts, remote access tools, malicious documents, custom malware loaders, Cobalt Strike beacons, Grim Spider malware, POS malware, RATs (Remote Access Trojans)
gptkbp:usesMalware gptkb:Grim_Spider, gptkb:Carbanak, gptkb:Cobalt_Strike
gptkbp:bfsParent gptkb:Anunak_malware
gptkbp:bfsLayer 7