Threat actor · all actors
FIN4G0085 state
🇷🇴 RO
aka FIN4, WOLF SPIDER, G0085
Last updated: 2026-07-03
About this actor
[FIN4](https://attack.mitre.org/groups/G0085) is a financially-motivated threat group that has targeted confidential information related to the public financial market, particularly regarding healthcare and pharmaceutical companies, since at least 2013.(Citation: FireEye Hacking FIN4 Dec 2014)(Citation: FireEye FIN4 Stealing Insider NOV 2014) [FIN4](https://attack.mitre.org/groups/G0085) is unique in that they do not infect victims with typical persistent malware, but rather they focus on capturing credentials authorized to access email and other non-public correspondence.(Citation: FireEye Hacking FIN4 Dec 2014)(Citation: FireEye Hacking FIN4 Video Dec 2014)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 16 / 20 | 80% |
CM-6 | 15 / 20 | 75% |
CA-7 | 14 / 20 | 70% |
AC-4 | 13 / 20 | 65% |
CM-2 | 13 / 20 | 65% |
SI-3 | 13 / 20 | 65% |
SC-7 | 12 / 20 | 60% |
CM-7 | 11 / 20 | 55% |
SI-7 | 8 / 20 | 40% |
AC-3 | 7 / 20 | 35% |
SC-44 | 6 / 20 | 30% |
SI-10 | 6 / 20 | 30% |
SI-2 | 6 / 20 | 30% |
SI-8 | 6 / 20 | 30% |
SC-20 | 5 / 20 | 25% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- 2015 Ukraine Electric Power Attack 0.32
- C0011 0.31
- Windshift 0.29
- Rancor 0.29
- Machete 0.28
Same category
- Night Dragon 1.00
- FunnyDream 1.00
- C0011 1.00
- Operation Wocao 1.00
- Operation Dream Job 1.00