During a recent investigation, our researchers encountered a new version of the BADHATCH malware used by the well-known threat actor, FIN8. We previously reported that FIN8 was working on a new version of the BADHATCH malware - and this recent attack supports our findings and conclusions. FIN8 is known for taking extended breaks to improve their tactics, techniques, and procedures (TTPs) which increases their success rate. With each new version of their toolkit, they start with small tests on a limited pool of victims before launching a full-scale attack.
