A new backdoor under active development by the FIN8 cybercrime group has been identified in the wake of a failed attack on an unnamed U.S. financial institution.
The backdoor, dubbed Sardonic, is a powerful and versatile piece of malware that allows attackers to deploy new threats on the fly, without the need to add or update components.
FIN8 is financially motivated, typically targeting the hospitality, healthcare, retail, restaurant, and entertainment industries with the goal of stealing payment credentials. The organization has been around since at least 2016, and targeted more than 100 organizations in North America during their first year of operations alone.
Sardonic is already detected by the behavioral detection engine in Acronis Cyber Protect, which uses machine intelligence to recognize and block even new, undocumented threats — keeping your systems and data safe.