El secuestro de datos valiosos mediante sofisticadas técnicas de ransomware se ha convertido en un negocio altamente rentable para los ciberdelincuentes cambiando el enfoque.
Según un informe reciente, el grupo conocido como FIN11, que a lo largo de 2017-1018 se dirigió principalmente a sectores financieros y minoristas, ha realizado la transición de su arsenal en 2019 a la distribución de ransomware duplicando la extorsión de datos robados que amenaza a víctimas con divulgar datos públicamente si no pagan rescates.
FIN11 ha estado activo desde 2016 y sus miembros probablemente provengan de países de habla Rusa. Los metadatos encontrados en sus herramientas revelan el uso del alfabeto Cirílico donde el propio malware comprueba para evitar atacar sistemas configurados con idiomas de la CEI (Comunidad de Estados Independientes), una coalición de países de la ex Unión Soviética.
FIN11 ha realizado algunas de las campañas de distribución de malware más grandes en múltiples sectores en 2020, pasando a un modelo basado en el programa de ransomware llamado CLOP.
Lo que necesitas saber sobre el grupo FIN11:
- FIN11 utiliza correos de gran volumen con señuelos genéricos como órdenes de venta, extractos bancarios y facturas, pero también ataques dirigidos y personalizados en inglés, español, coreano y alemán con un número significativo de ataques a Alemania.
- Los métodos de entrega de malware cambian todos los meses para evadir la detección. Comenzó con archivos de Office infectados, luego uso de archivos adjuntos y ahora incluye URL en correos electrónicos HTML dirigidos a usuarios de Office en servidores remotos.
- En los últimos ataques de FIN11, los correos maliciosos tenían un archivo adjunto HTML que redirigía a las víctimas a dominios comprometidos, que las redirigía aún más a dominios controlados por atacantes que entregaron los archivos maliciosos de Office después de que los usuarios pasaran un desafío CAPTCHA. Es probable que esto se haya agregado para bloquear los análisis de URL automatizados por parte de productos y servicios de seguridad.
- Si una víctima parece interesante, después de la intrusión inicial, los atacantes FIN11 implementan múltiples puertas traseras con el objetivo de moverse lateralmente y obtener privilegios de administrador de dominio. Aunque sus herramientas exclusivas como Flawed Ammyy y MIXLABEL se utilizan para ganar el punto de apoyo inicial, la actividad de movimiento lateral implica el uso de muchas herramientas disponibles públicamente.
- A partir de este año, FIN11 también adoptó la táctica de robar datos y amenazar con liberarlos para obligar a las víctimas de ransomware a pagar. El grupo ha creado un sitio web oscuro donde han publicado datos parciales de empresas que se negaron a pagar.
Autor:
Mg. José Alfredo Carreón Romero - MSCS
-min.png) |
Más de 30 años de experiencia en Tecnología Informática, 22 de los cuales dedicados a Seguridad Informática. Es CEO de ENCRYPTED, profesor y autor del Curso Security Informatics enseñándolo en la Universidad de California y ahora en UTEC y TECSUP de Perú. Trabajó con Steve Jobs en Apple como Evangelista Tecnológico y fue Director de Marketing de Seguridad Informática en HP, SUN, Brocade y iS3. Maestría en Computer Science en el Instituto Tecnológico Chalmers de la Universidad de Gothemburg - Suecia. Conoce más de su trabajo aquí |
SecureIQ es un newsletter de análisis sobre los más recientes eventos de seguridad informática y ciberseguridad que tienen lugar en el nuevo mundo de Covid-19, distanciamiento social, comunicaciones virtuales / móviles y de uso intensivo de las redes sociales.
Únete a la comunidad virtual de ciberseguridad y obtén la información más actualizada de seguridad informática y ciberseguridad aquí
COMPARTE TU OPINIÓN
Escribe aquí tu comentario.
Can You Redeem Casino Vouchers Online?
Can You Redeem Casino Vouchers Online? Casino vouchers are a popular way for players to enjoy the excitement and entertainment of a casino experience
https://www.casinoslotpoker.com/can-you-redeem-casino-vouchers-online
can you redeem casino vouchers online
How do we relationship
How Do We Relationship? play a fundamental role in our lives, shaping our experiences and influencing our well-being. Whether it’s with our partners, friends, family, or colleagues, building and maintaining healthy relationships is crucial. In this article, we will explore the key aspects of successful Relation and provide valuable insights on how to nurture and strengthen them.
https://www.amolatinafrauds.com/how-do-we-relationship/
how do we relationship
does hawaii have casinos
Does Hawaii Have Casinos? Hawaii, with its stunning natural beauty and vibrant culture, is a dream destination for many. However, when it comes to casinos and gambling, Hawaii stands apart from most other states.
https://casinoworldreviews.com/does-hawaii-have-casinos
does hawaii have casinos
How Do You Spell Casino
How Do You Spell Casino? When it comes to spelling, even the most proficient writers may stumble upon certain words that leave them perplexed. One such word that often raises questions is “casino.”
https://www.onlinelasvegasreviews.com/how-do-you-spell-casino
How Do You Spell Casino
What is a Relationship Banker
What is a Relationship Banker are an essential part of human life, influencing our emotional well-being and providing a sense of connection and belonging. Whether it’s a romantic partnership, friendship, or family bond, relationships play a crucial role in shaping our experiences and personal growth.
https://www.amolatinanews.com/what-is-a-relationship-banker/
what is a relationship banker
What is a vortex relationship
What is a Vortex Relationship? Have you ever experienced a relationship that feels like an exhilarating whirlwind of love, connection, and growth? A vortex relation, as coined by relationship experts, is an extraordinary bond that goes beyond the conventional dynamics of partnerships.
https://www.amolatinawomen.com/what-is-a-vortex-relationship
what is a vortex relationship
What casinos have coin pushers
What Casinos Have Coin Pushers? Are you a fan of arcade games and the thrill of casinos? If so, you may be wondering which casinos offer the popular game of coin pushers. Coin pushers, also known as coin dozers, are mechanical arcade games
https://www.pokercasinoslot.com/what-casinos-have-coin-pushers/
what casinos have coin pushers
How to Spell relationship
How to Spell Relationship? In today’s digital age, where communication often takes place through text messages, emails, and social media, the way we spell words has become increasingly important. Spelling errors can have a significant impact on various aspects of our lives, including relationships
https://www.datingreview.online/how-to-spell-relationship/
How to spell relationship
Why Do Casinos Have to Be on Water: Exploring the Tradition and Legalities
Why Do Casinos Have to Be on Water? Have you ever wondered why some casinos are located on water? It seems like a peculiar requirement, considering that gambling doesn’t necessarily need to take place near bodies of water.
https://www.slotscashreviews.com/why-do-casinos-have-to-be-on-water-exp…
why do casinos have to be on water
Best Dating Apps for College Students
Best Dating Apps for College Students In right now’s digital age, courting apps have turn into more and more well-liked amongst school college students. These apps supply a handy manner for younger adults to satisfy and join with potential romantic companions.
https://datingscam.co/best-dating-apps-for-college-students/
Best Dating Apps for College Students
Best Dating Apps for College Students
Best Dating Apps for College Students In right now’s digital age, courting apps have turn into more and more well-liked amongst school college students. These apps supply a handy manner for younger adults to satisfy and join with potential romantic companions.
https://datingscam.co/best-dating-apps-for-college-students/
Best Dating Apps for College Students
Best Dating Apps for College Students
Best Dating Apps for College Students In right now’s digital age, courting apps have turn into more and more well-liked amongst school college students. These apps supply a handy manner for younger adults to satisfy and join with potential romantic companions.
https://datingscam.co/best-dating-apps-for-college-students/
Best Dating Apps for College Students
X Games Casino: Experience the Thrill of Online Gambling 2023
In today’s digital era, online casinos have gained immense popularity as a convenient and exciting way to enjoy gambling experiences. One such online casino that stands out from the rest is X Games Casino.
https://www.slots-review.com/x-games-casino-experience-the-thrill-of-on…
x games casino
X Games Casino: Experience the Thrill of Online Gambling 2023
In today’s digital era, online casinos have gained immense popularity as a convenient and exciting way to enjoy gambling experiences. One such online casino that stands out from the rest is X Games Casino.
https://www.slots-review.com/x-games-casino-experience-the-thrill-of-on…
x games casino
Milky Way Casino Game: A Stellar Adventure in Gambling
Are you ready to embark on an extraordinary journey through the vast expanse of the Milky Way while experiencing the thrill of casino games? Look no further! Milky Way Casino Game brings you an immersive and out-of-this-world gambling experience like no other.
https://www.thecasinoreviews.com/milky-way-casino-game-a-stellar-advent…
milky way casino game
Best Dating Apps in Chicago: Finding Love in the Windy City
Best Dating Apps in Chicago, Dating in Chicago can be an exciting yet challenging experience. With a bustling city full of diverse individuals, finding a compatible partner can feel like searching for a needle in a haystack
https://www.datingreview.co/best-dating-apps-in-chicago-finding-love-in…
best dating apps chicago
Best Dating Apps in Chicago: Finding Love in the Windy City
Best Dating Apps in Chicago, Dating in Chicago can be an exciting yet challenging experience. With a bustling city full of diverse individuals, finding a compatible partner can feel like searching for a needle in a haystack
https://www.datingreview.co/best-dating-apps-in-chicago-finding-love-in…
best dating apps chicago
Best Dating Apps in Chicago: Finding Love in the Windy City
Best Dating Apps in Chicago, Dating in Chicago can be an exciting yet challenging experience. With a bustling city full of diverse individuals, finding a compatible partner can feel like searching for a needle in a haystack
https://www.datingreview.co/best-dating-apps-in-chicago-finding-love-in…
best dating apps chicago
Best Dating Apps in Seattle: Find Your Perfect Match
Best Dating Apps in Seattle Are you single and ready to mingle in Seattle? With its vibrant culture, stunning landscapes, and tech-savvy population, Seattle offers a fantastic dating scene for those seeking meaningful connections.
https://www.datinggroup.in/best-dating-apps-in-seattle-find-your-perfec…
best dating apps seattle
Best Dating Apps in Seattle: Find Your Perfect Match
Best Dating Apps in Seattle Are you single and ready to mingle in Seattle? With its vibrant culture, stunning landscapes, and tech-savvy population, Seattle offers a fantastic dating scene for those seeking meaningful connections.
https://www.datinggroup.in/best-dating-apps-in-seattle-find-your-perfec…
best dating apps seattle