Even after several alleged members were arrested last year, FIN7 continues to show signs of life, as evidenced by the recent discovery of an administration panel tool called "Astra" and two new malware samples used in campaigns by the cybercriminal group in 2018.

Researchers from Flashpoint who uncovered the threat observed Astra-related activity from May through July 2018. However, Astra campaigns may date as far back as January of that year, and could still be active today, albeit invisible to the security community.

It was last August that the U.S. Department of Justice announced the arrests of three Ukrainian men who allegedly are all key players in FIN7, aka the Carbanak gang. Two of these arrests came in January 2018, while the third took place in June. Officials say the men allegedly disguised their illegal actions through a front company called Combi Security.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.