GOLD WINDSOR

GOLD WINDSOR, also known as FIN9, was a financially motivated cybercriminal threat group implicated in the April 2019 breach of Indian IT outsourcing organization Wipro. GOLD WINDSOR is known to target IT services organizations and leverage access to target that organization's customers. According to reporting from Mandiant, the threat actors then target database and other backend systems that allow them to issue and cash-out gift cards. No additional third-party reports or CTU observations have been made since 2019 and this threat group is considered inactive.