FIN4

Also known as: FIN4


🧭 ATT&CK G0085

Introduction

FIN4 is a financially-motivated threat group that has targeted confidential information related to the public financial market, particularly regarding healthcare and pharmaceutical companies, since at least 2013. [2][3] FIN4 is unique in that they do not infect victims with typical persistent malware, but rather they focus on capturing credentials authorized to access email and other non-public correspondence. [2][4]

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

Information pending cataloguing.

Attribution and Evidence

Information pending cataloguing.

References

[1] MITRE ATT&CK entry
[2] FireEye Hacking FIN4 Dec 2014
[3] FireEye FIN4 Stealing Insider NOV 2014
[4] FireEye Hacking FIN4 Video Dec 2014