Fin6/Magecart Group 6 (MG6): On Wednesday, October 9th, 2019 it was reported that the cloud hosting website Volusion was the most recent victims from an attack known by the umbrella term Magecart. Originally, no specific group was determined to be behind the attack, but after further analysis by Trend Micro, they believe that this attack was carried out by the threat group Fin6, also known as Magecart Group 6. The group has been in the news more recently for being linked to other financially motivated crimes, including other Magecart attacks. Fin6 has been known in the past to register servers and domains using naming conventions that are similar to their victims’ names, which was seen in this attack. The group is also known to go after high profile, top-tier victims, which would include companies like Volusion due to their size and client base. Finally, Trend Micro was able to link the malware that was being used to previous attacks on British Airways and Newegg, which were attacked by Fin6. The malware seemed to be a new and improved version but still had relevant similarities.
Binary Defense was contacted by an individual who was recently scammed out of $4,000 through