0attributed CVEs
16ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[FIN5](https://attack.mitre.org/groups/G0053) is a financially motivated threat group that has targeted personally identifiable information and payment card information. The group has been active since at least 2008 and has targeted the restaurant, gaming, and hotel industries. The group is made up of actors who likely speak Russian. (Citation: FireEye Respond Webinar July 2017) (Citation: Mandiant FIN5 GrrCON Oct 2016) (Citation: DarkReading FireEye FIN5 Oct 2015)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
CM-6 | 10 / 16 | 62% |
SI-4 | 10 / 16 | 62% |
CM-2 | 9 / 16 | 56% |
AC-3 | 8 / 16 | 50% |
CA-7 | 8 / 16 | 50% |
AC-6 | 7 / 16 | 44% |
AC-2 | 6 / 16 | 38% |
AC-5 | 6 / 16 | 38% |
CM-7 | 6 / 16 | 38% |
SI-3 | 6 / 16 | 38% |
SI-7 | 6 / 16 | 38% |
AC-17 | 5 / 16 | 31% |
IA-2 | 5 / 16 | 31% |
RA-5 | 4 / 16 | 25% |
SC-7 | 4 / 16 | 25% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- C0032 0.26
- Play 0.24
- FIN10 0.22
- Agrius 0.21
- 2015 Ukraine Electric Power Attack 0.21