June 16, 2017 by

Hacker who Hit Canadian Gold Mines & Casinos Plotting New Attacks

Researchers at cybersecurity firm FireEye have warned that the same hacker or hacking group who previously targeted Canadian casinos and mining companies is now looking for new targets and planning more attacks.

Dubbed FIN10, the hacker or hacking group is believed to be behind corporate breaches in the past, breaking into and stealing gigabytes of sensitive company data before holding them for bitcoin ransoms. The devious hacker also publicized the stolen information by contacting bloggers to spread knowledge of stolen company data.

FireEye claimed FIN10’s previous operational successes have made campaigns in the future to be “highly probable”. While no details of its previous victims are revealed, it is believed that the attacks struck the world’s third-largest gold miner by market cap, Goldcorp, a smaller gold miner called Detour Gold and the Casino Rama Resort in Canada, according to Reuters.

The security firm claims that FIN10 wend with the moniker Angels_of_Truth at least once during its attacks. The hacker group reportedly chose its Canadian targets following sanctions by Canada against Russia. AS mentioned earlier, the hackers contacted databreach web resource databreaches.net between April and June 2015 to take responsibility for the Detour breach. Databreaches.net also reported the Goldcorp breach in April 2016. A separate tech blog, the Daily Dot, published details of Goldcorp’s breach before the company confirmed the attack.

Since those attacks, Canadian miners have formed an industry group to share information on cyber threats. Vancouver-based Goldcorp has also bolstered its network defenses and increased its security protocols while revamping its IT processes. In its effort to be more secure, the miner is also educating its staff about cyberattacks and ways in being alert against the threat of phishing scams and more.

Charles Carmakal, vice president at FireEye’s Mandiant, further revealed that FIN10 is still keeping communication with some if victims. He added that more targets are likely to “become aware of the threat in the coming weeks or months.”

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

UK Cybersecurity Chief Blames Russia for Cyberattacks

The head of the UK GCHQ’s National Cyber Security Centre (NCSC) has accused Russia of staging...

Read more arrow_forward

US Identifies Six Russian Govt Officials Involved in DNC Hack

The US Justice Department has reportedly gathered enough evidence to charge six Russian government...

Read more arrow_forward

Energy Secretary: Cyber Threat to American Nuclear Facilities are Real

The FBI and the DHS have issued a joint report alleging that hackers are targeting key installations...

Read more arrow_forward