The well-known cybercriminal group FIN7 has launched a new virus spreading campaign based on the victims ‘curiosity and interest in the new Windows 11 platform. Attackers send several infected Word files, the launch of which loads malicious software into the system that allows them to steal victims’ data.
It is believed that the attackers have been sending malicious Word files since June this year. Around the same time, Microsoft released the first test build of Windows 11, which caused a high level of interest in the new operating system. The cybercriminals decided to take advantage of this by distributing malicious files that were allegedly created in Windows 11. The method of distributing such files is not disclosed, but, most likely, phishing mailing lists are used for this.
According to reports, FIN7 has been active for the past six years and is primarily aimed at US users. The source notes that in 2018, law enforcement agencies managed to arrest three members of the group, and one “high-ranking organizer” was detained in April this year. Despite this, the group continues to operate.