Cyber Resilience

Threat actor · all actors

FIN8G0061 unknown

aka FIN8, Syssphinx, ATK113, G0061

Last updated: 2026-07-03

0attributed CVEs
56ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[FIN8](https://attack.mitre.org/groups/G0061) is a financially motivated threat group that has been active since at least January 2016, and known for targeting organizations in the hospitality, retail, entertainment, insurance, technology, chemical, and financial sectors. In June 2021, security researchers detected [FIN8](https://attack.mitre.org/groups/G0061) switching from targeting point-of-sale (POS) devices to distributing a number of ransomware variants.(Citation: FireEye Obfuscation June 2017)(Citation: FireEye Fin8 May 2016)(Citation: Bitdefender Sardonic Aug 2021)(Citation: Symantec FIN8 Jul 2023)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
CM-638 / 5668%
SI-438 / 5668%
CM-236 / 5664%
SI-332 / 5657%
AC-626 / 5646%
CM-726 / 5646%
AC-324 / 5643%
CA-724 / 5643%
AC-223 / 5641%
SC-723 / 5641%
AC-420 / 5636%
AC-518 / 5632%
CM-516 / 5629%
IA-216 / 5629%
SI-715 / 5627%

Co-occurring actors

None.

Similar actors

Similar TTPs