It is welcome news that the U.S. law enforcement’s ongoing investigation into the FIN7 group has led to another arrest. FireEye has been tracking FIN7, also sometimes referred to as the Carbanak Group, since 2015. The group is responsible for a number of the most high-profile, financially motivated attacks in recent years. It is infamous for its use of the CARBANAK backdoor to extract payment-card data, although it is important to note that we do not equate all use of this exploit with FIN7 and in recent years we have actually observed them diversifying their malware code and attack techniques. For example, we most recently, reported on FIN7 trying to deliver malware via USB sticks in the US post - possibly using middlemen or an unwitting mule in the US, although concrete evidence remains elusive. This new arrest of Denys Iarmak follows three major arrests the US Department of Justice made in 2018, and we hope will go some way to disrupting FIN7’s cyber crime operators. However, it is important that organisations remain vigilant as FIN7 is just one example of how financially-motivated threat actors are becoming extremely advanced and are capable of inflicting significant harm on organisations through vast, but carefully orchestrated campaigns.  Read Less