FIN8 APT Delivers BlackCat Ransomware Using Sardonic Backdoor Variant
FIN8 APT Delivers BlackCat Ransomware Using Sardonic Backdoor Variant
20 July 2023
Symantec's Threat Hunter Team found a new variant of the FIN8’s Sardonic backdoor used to deliver the Noberus ransomware. In this new version, the group behind Sardonic has reworked most of its code, most likely to avoid detection. Organizations are recommended to monitor the networks and the latest versions of PowerShell logged into systems.