Bitdefender researchers have uncovered new versions of the BADHATCH backdoor used by the FIN8 threat actor to compromise companies in insurance, retail, technology, and chemical industries in the United States, Canada, South Africa, Puerto Rico, Panama, and Italy.
This new research describes the technical capabilities of a constantly evolving threat actor and outlines the differences between the three BADHATCH versions.
Like most persistent and skilled cyber-crime actors, FIN8 operators are constantly refining their tools and tactics to avoid detection. Bitdefender recommends that merchants take the following actions to minimize the impact of financial malware:
An up-to-date and complete list of indicators of compromise is available to Bitdefender Advanced Threat Intelligence users. The currently known indicators of compromise can be found in the whitepaper below.
Victor VRABIE is a security researcher at Bitdefender Iasi, Romania. Focusing on malware research, advanced persistent threats and cybercrime investigations, he's also a graduate of Computer Sciences.
Information security professional. Living my second childhood at @Bitdefender as director of threat research.