Mandiant: Financial-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. FIN11 has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to networks, in addition to deploying point-of-sale malware targeting financial, retail, restaurant, and pharmaceutical sectors. Mandiant notes significant overlap in TTPs with another threat group that’s behind Dridex banking Trojan and Locky ransomware that’s delivered through malspam campaigns.
Source: https://thehackernews.com/2020/10/fin11-hackers-spotted-using-new.html