FIN6 cybercrime group has taken a step toward increased monetization of intrusions and added ransomware to its portfolio. The gang is known for compromising point-of-sale systems, but recent incidents show that FIN6 expanded its activity to other types of targets. The companies that fell victim to the group’s new extortion activities lost tens of millions of dollars, FireEye says in a blog post published today. FireEye traced these ransomware intrusions to July 2018 and as their frequency increased, attacks on PoS environments launching TRINITY malware waned.
Source: https://www.bleepingcomputer.com/news/security/fin6-group-diversifies-activity-uses-lockergoga-and-ryuk-ransomware/