PULSE NAME
Fin7 Unveiled: A deep dive into notorious cybercrime gang
WHITE FIN7 AlienVault 2022-12-23 Modified: 2022-12-23
254 IOCs, HIGH VOLUME
The highly active threat group FIN7 has been continuously broadening its cybercrime horizons and recently added ransomware to its attack arsenal. The group is notorious for deploying extensive backdoors by leveraging software supply chains, distributing malicious USB sticks, and cooperating with other groups. The PTI team obtained visibility into the inner workings of FIN7 and gained information about its organizational structure, identities, attack vectors, infrastructure, proof-supported affiliations with other ransomware groups (such as DarkSide, who were behind the Colonial Pipeline attack in 2021), victim targeting, and other relevant observations. All of the findings are supported by translated conversations among FIN7 members, including screenshots of their infrastructure.
Indicators of Compromise (6 / 254 total)