Recent attacks associated with the financially-motivated threat group FIN7 were using an application shim database to achieve persistence on systems, FireEye security researchers discovered.
Article Link: http://feedproxy.google.com/~r/Securityweek/~3/R-MUL6lemYg/carbanak-hackers-use-shims-process-injection-persistence