Fin7 is a financially-inspired group that has been creating computer threats since the beginning of 2018. One of the new creations of the Fin7 group is a threat named SQLRat, which can be delivered through phishing emails, corrupted email attachments, compromised websites and advertisements, etc. SQLRat can drop files and execute SQL scripts on compromised hosts. The threats created and used by the Fin7 group keep persistence on the infected machine by performing pre-scheduled tasks, whose main objective is to collect financial data.
Since SQLRat will focus on financial information on Point-of-Sales terminals especially, it is paramount that these devices are well-maintained. Their administrators should implant severe security measures, keep their software always up-to-date by applying security patches and taking any other measures to avoid an infection like SQLRat, which can cause financial misplacement and costumers loss.