FIN7 Group Lures Cyber Pros With Fake Jobs

Posted: 8th November 2021

The cybercriminal group FIN7 made a name for themselves in the criminal underworld for being responsible for large-scale payment card theft campaigns, resulting in the exposure of over 20 million card records. More recently they’ve set their sights on ransomware, as well, and to support their efforts they began recruiting employees using a bogus cybersecurity company using the name Bastion Secure.

Our guest today is Ilya Volovik, team lead for the threat intelligence team at Gemini Advisory, a Recorded Future company. He and his colleagues recently published research titled FIN7 Recruits Talent For Push Into Ransomware. He describes how a source reached out to describe being recruited by the FIN7 decoy company, which led to insights into some of the tools they use.

This podcast was produced in partnership with the CyberWire.