FIN7 Abuses Malicious MSIX Packages To Deliver NetSupport RAT
FIN7 is a Russian financially motivated advanced persistent threat (APT) that has been active since 2013 and extensively targets multiple sectors primarily within the United States. The threat actor has been continuously registering malicious typo-squatting domains that can subsequently be utilized in SEO poisoning or spear-phishing campaigns to lure victims into downloading malicious MSIX binaries. Successful infections result in systems infected with variants from the NetSupport RAT family.