From cyberscoop.com
The long-running cybercrime group FIN7, known for breaking into payment systems and corporate networks, has been moving into ransomware operations, according to researchers at security firm Mandiant.
The company said it has identified increased data-theft extortion or ransomware deployment associated with FIN7 attacks in recent years. Ransomware strains used in connection with the group’s operators include Maze, Ryuk and ALPHV — also known as BlackCat — the researchers said Monday.