Hacker who Hit Canadian Gold Mines & Casinos Plotting New Attacks


Researchers at cybersecurity firm FireEye have warned that the same hacker or hacking group who previously targeted Canadian casinos and mining companies is now looking for new targets and planning more attacks.

Dubbed FIN10, the hacker or hacking group is believed to be behind corporate breaches in the past, breaking into and stealing gigabytes of sensitive company data before holding them for bitcoin ransoms. The devious hacker also publicized the stolen information by contacting bloggers to spread knowledge of stolen company data.

FireEye claimed FIN10’s previous operational successes have made campaigns in the future to be “highly probable”. While no details of its previous victims are revealed, it is believed that the attacks struck the world’s third-largest gold miner by market cap, Goldcorp, a smaller gold miner called Detour Gold and the Casino Rama Resort in Canada, according to Reuters.

The security firm claims that FIN10 wend with the moniker Angels_of_Truth at least once during its attacks. The hacker group reportedly chose its Canadian targets following sanctions by Canada against Russia. AS mentioned earlier, the hackers contacted databreach web resource databreaches.net between April and June 2015 to take responsibility for the Detour breach. Databreaches.net also reported the Goldcorp breach in April 2016. A separate tech blog, the Daily Dot, published details of Goldcorp’s breach before the company confirmed the attack.

Since those attacks, Canadian miners have formed an industry group to share information on cyber threats. Vancouver-based Goldcorp has also bolstered its network defenses and increased its security protocols while revamping its IT processes. In its effort to be more secure, the miner is also educating its staff about cyberattacks and ways in being alert against the threat of phishing scams and more.

Charles Carmakal, vice president at FireEye’s Mandiant, further revealed that FIN10 is still keeping communication with some if victims. He added that more targets are likely to “become aware of the threat in the coming weeks or months.”

Image credit: Pixabay.