FireEye Tracks Hacker Group ‘FIN4’ that Steals Insider Information

FireEye Tracks Hacker Group ‘FIN4’ that Steals Insider Information

FireEye Inc (NASDAQ:FEYE), a network security company revealed that it is tracking a group of cyber criminals stealing insider information to obtain an advantage in stock trading.

Play Quizzes 4

FIN4’s primary targets

The network security company named the hacker group “FIN4,” which targets the e-mail accounts of persons (senior executives, legal counsels, researchers, scientists etc.) who have knowledge about the most confidential information of more than 100 companies.

This Too Value Fund Explains Why Turkey Is Ripe For Investment Right Now

TurkeyThe Talas Turkey Value Fund returned 9.5% net for the first quarter on a concentrated portfolio in which 93% of its capital is invested in 14 holdings. The MSCI Turkey Index returned 13.1% for the first quarter, while the MSCI All-Country ex-USA was down 5.4%. Background of the Talas Turkey Value Fund Since its inception Read More

FIN4 is focused on obtaining non-public information about mergers & acquisition (M&A) transactions and market-moving announcements particularly in the healthcare and pharmaceutical industries.

“We believe FIN4 heavily targets healthcare and pharmaceutical companies as stocks in these industries can move dramatically in response to news of clinical trial results, regulatory decisions, or safety and legal issues,” according to FireEye Inc (NASDAQ:FEYE).

The network security company noted that the cyber criminals appear to have a deep understanding with business deals and corporate communications as well as their impact to the financial markets.

FireEye says FIN4 does infect targets with malware

According to FireEye Inc (NASDAQ:FEYE), the hacker group does not infect its targets with malware to gain access to insider information. The cyber criminals lure their targets with stolen documents from actual deal discussions.

The network security firm found that the cyber criminals organizes the target of their operation with more than 70 campaign codes, which serves as labels to identify the source of the stolen usernames and passwords.

FIN4 campaign code sample

Spearphising themes

The spearphising themes of the hacker group demonstrate familiarity in the financial markets and are written by native English speakers. The phishing e-mails normally presents shareholder and public disclosure concerns.

Aside from using stolen documents as a lure, FireEye also noted that FIN4 occasionally uses generic lures such as using an existing e-mail thread to a victim’s inbox to spread their weaponized document.

FIN4 spearphishing

“We’ve seen the actors seamlessly inject themselves into email threads. FIN4’s emails would be incredibly difficult to distinguish from a legitimate email sent from a previously compromised victim’s email account. The actors have also Bcc’d all recipients, making it even more difficult for recipients to decipher a malicious email from a legitimate one,” according to FireEye Inc (NASDAQ:FEYE).

The network security company said its visibility to hacker group’s network of operations is limited, and it is uncertain about the next move of the group after gaining access to insider information.

FireEye Inc (NYSE:FEYE) believed that the cyber criminals must be reaping enough benefits given the fact that they are supporting their operations for more than a year, and continues to target new victims.

Updated on

Marie received her Bachelors Degree in Mass Communication from New Era University. She is a former news writer and program producer for Nation Broadcasting Corporation (NBC-DZAR 1026), a nationwide AM radio station. She was also involved in events management. Marie was also a former Young Ambassador of Goodwill during the 26th Ship for Southeast Asian Youth Program (SSEAYP). She loves to read, travel and take photographs. She considers gardening a therapy.
Previous article Julian Robertson Still Bullish On Apple Inc.
Next article Trading ETFs in the Secondary Market [ANALYSIS]

No posts to display