FIN8 Hackers use Sardonic Backdoor to Target Financial Institutions

Threat actors have different motivations and goals. Some work for the highest bidder, while others focus on espionage and data exfiltration. Then there are groups like FIN8, whose motivation is purely financial. Cybercrime groups of this kind typically go after businesses and individuals in lucrative industries such as hospitality, restaurants, and retail. FIN8 is one of the best-known financially motivated threat actors and, recently, it unleashed a new threat dubbed the Sardonic Backdoor.

Previously, the FIN8 group has put other custom-built malware to use, such as PoSlurp and BADHATCH. This time, however, the group is using a much more sophisticated implant. The Sardonic Backdoor is rich in features and, surprisingly, its target is a major US-based financial organization. It is likely, though, that the FIN8 hackers plan to expand the operation in the near future. Just as in their past campaigns, the criminals are once again aiming to move laterally across the network. Their ultimate goal is to compromise point-of-sale (PoS) devices and exfiltrate payment card data.

C++ Sardonic Backdoor Steals Financial Data

The Sardonic Backdoor payload is written in C++, and the criminals are likely to use spear-phishing and social engineering tactics to deliver it to their targets. As for the features of this Trojan, it can:

  • Execute remote commands and return the output to the attacker's server.
  • Gather hardware, software, and network data about the infected host.
  • Extend its functionality on the fly, thanks to a modular structure that lets its operators load additional components.

The scope of the Sardonic Backdoor Trojan attack is not yet clear, and the situation is still developing. Naturally, this means that businesses in the hospitality, restaurant, and retail sectors need to take preventive measures to identify and stop the malicious implant. Training employees to recognize phishing and browse the Web safely, and investing in reputable endpoint protection, should be enough to mitigate attacks like the one in question.

August 26, 2021
