• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • February 28th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security
Malware

Disruptive Ransomware Group ‘FIN10’ Hacked Casinos, Mining Firms

June 17th, 2017 Jahanzaib Hassan Cyber Crime, Hacking News, Malware, Security 0 comments
Disruptive Ransomware Group ‘FIN10’ Hacked Casinos, Mining Firms
Share on FacebookShare on Twitter

The FireEye cyber security firm has discovered that a number of Canadian mines and casinos were hacked by a group named FIN10 whose location has not yet been identified – FireEye labels FIN10 to be “one of the most disruptive threat actors observed in the region.”

Sensitive data and information were stolen: As part of the campaign, FIN10 has apparently hacked into the networks of different mining companies and casinos in Canada and has stolen critical information with regards to customers’ habits and other system-level data.

According to the firm’s research (PDF), FIN10 has been on the loose since 2013 and had gone undetected till 2016. It is only now that the attacks have been linked to the group. However, the identity and location of the perpetrators remain to be unknown.

The senior manager of FireEye Charles Prevost unclear why Canada has been the primary target. However, it has been identified that the criminals might be native English speakers.

[irp posts=”40916″ name=”Canadian Gold-Mining Company Hacked, 14.8 GB Data Stolen”]

How was the attack carried out? The group has used the conventional ransomware method wherein FIN10 has been able to inject ransomware into the networks belonging to mines and casinos.

FireEye states that the campaign involved the usual method of spam emails in which malicious links, attachments, and documents were contained. The user was tricked into clicking these for the attack to launch itself.

Essentially, once the user clicked one of the links, he/she would be led to a website that would be masked as either a legitimate holiday scheduling system or a document. Clicking or accessing these would activate the ransomware.

Further investigation showed that although the attacks were far-reaching, they were not as high-profile as those launched by Russian hacking groups. In fact, the group used common tools such as PowerShell to infiltrate the system.

Data stolen included information on customer betting habits from casinos and other relevant information belonging to mining companies. Also, the malware allowed the hackers to delete or change files and affect critical databases.

FIN10’s attack lifecycle model (Image Credit: FireEye)

The ransom demanded: The ransom demanded was around 100 to 500 bitcoins, equivalent to 35,000 to 170,000 Canadian dollars, to be paid in 10 days if the victims did not want their data to be released publicly.

Those who did not comply with the group’s terms had their systems completely shut down, closing down all operations altogether.

Victims’ names not yet revealed: When asked about who were the victims, FireEye did not tell the specific names and simply told that less than ten companies have been infected. However, there have been recent attacks that targeted certain casinos including the Cowboy’s Casino along with mining organizations such as the Goldcorp and Detour Gold Corporation.

Although not confirmed, but the same casinos and mining companies might have been the victims of FIN10 also.

[irp posts=”54194″ name=”Russian Hackers Control Malware via Britney Spears Instagram Posts”]


DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

  • Tags
  • Bitcoin
  • Canada
  • Cyber Crime
  • hacking
  • internet
  • Malware
  • Ransomware
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Hackers can exploit E-Cigarettes to hack computers
Next article Google is having a hard time getting rid of malicious Android apps
Jahanzaib Hassan

Jahanzaib Hassan

Related Posts
Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Hackers using malicious Firefox extension to phish Gmail credentials

Hackers using malicious Firefox extension to phish Gmail credentials

Cryptocurrency exchange in liquidation due to hack, hacked again

Cryptocurrency exchange in liquidation due to hack, hacked again

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Microsoft release open-source CodeQL queries to hunt SolarWinds hacks
Microsoft

Microsoft release open-source CodeQL queries to hunt SolarWinds hacks

Hackers using malicious Firefox extension to phish Gmail credentials
Security

Hackers using malicious Firefox extension to phish Gmail credentials

Apple Glass may feature 3D Audio and Self-Cleaning in new patent
Technology News

Apple Glass may feature 3D Audio and Self-Cleaning in new patent

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us