NEW: Group Profiler — instant APT intel lookup. Try it →

← threatfilter.dev / all groups / FIN5

FIN5

Overview

FIN5 is a financially motivated threat group that has targeted personally identifiable information and payment card information. The group has been active since at least 2008 and has targeted the restaurant, gaming, and hotel industries. The group is made up of actors who likely speak Russian.

TTPs — 11 techniques across 9 tactics

Resource Development

Persistence

Stealth

Defense Impairment

Credential Access

Discovery

Collection

Command and Control

Tools & malware (6)

Windows Credential Editor · PsExec · FLIPSIDE · pwdump · SDelete · RawPOS

Reporting (3)