August 19, 2024 at 01:51AM
Cybersecurity researchers have uncovered new infrastructure associated with FIN7, a financially motivated threat actor. The identified clusters of potential FIN7 activity involve communication with IP addresses assigned to Post Ltd (Russia) and SmartApe (Estonia). The analysis also reveals additional infrastructure linked to FIN7, including IP addresses from Post Ltd and SmartApe.
From the meeting notes, it is clear that cybersecurity researchers have discovered new infrastructure linked to the financially motivated threat actor known as FIN7. The infrastructure was found to have communication ties to IP addresses assigned to Post Ltd in Russia and SmartApe in Estonia. Additionally, researchers identified additional infrastructure linked to FIN7 activity, including IP addresses assigned to Post Ltd and SmartApe. They also found that the first cluster from Russia and the second cluster from Estonia had connections with hosts previously discovered by Silent Push, and 12 of the identified hosts in the Post Ltd cluster were also observed in the SmartApe cluster. Finally, it was noted that services have been suspended by Stark following responsible disclosure.