A high-level manager and systems administrator associated with
the FIN7 threat actor[1]
has been sentenced to 10 years in prison, the U.S. Department of
Justice announced Friday.
Fedir Hladyr, a 35-year-old Ukrainian national, is said
to have played a crucial role in a criminal scheme that compromised
tens of millions of debit and credit cards, in addition to
aggregating the stolen information, supervising other members of
the group, and maintaining the server infrastructure that FIN7 used
to attack and control victims’ machines.
The development comes after Hladyr pleaded guilty to conspiracy
to commit wire fraud and one count of conspiracy to commit computer
hacking in September 2019. He was arrested in Dresden, Germany, in
2018 and extradited to the U.S. city of Seattle. Hladyr has also
been ordered to pay $2.5 million in restitution.
“This criminal organization had more than 70 people organized
into business units and teams. Some were hackers, others developed
the malware installed on computers, and still others crafted the
malicious emails that duped victims into infecting their company
systems,” said[2]
Acting U.S. Attorney Tessa A. Gorman.
“This defendant worked at the intersection of all these
activities and thus bears heavy responsibility for billions in
damage caused to companies and individual consumers.”
The malware campaign unleashed by FIN7[4], a group also called
Anunak, Carbanak Group[3], and the Navigator Group,
is estimated to have caused overall damage of more than $3 billion
to banks, merchants, card companies, and consumers.
The attacks targeted the restaurant, gaming, and
hospitality industries with spear-phishing emails containing
decoy documents, with the goal of plundering customer payment card
data, which was then used or sold for profit in online underground
marketplaces, since at least 2015.
In the U.S. alone, FIN7 has been responsible for the theft of
more than 20 million customer card records from over 6,500
individual point-of-sale terminals at more than 3,600 separate
business locations. Besides the U.S., FIN7 attackers left their
fingerprints in a string of orchestrated intrusions against
retailers in the U.K., Australia, and France. Some of its
high-profile victims included Chipotle Mexican Grill, Chili’s,
Arby’s, Red Robin, and Jason’s Deli.
At the sentencing hearing, Hladyr said he had “ruined years of
my life and put [his] family through great risk and struggle.”
References
- [1] FIN7 threat actor (thehackernews.com)
- [2] said (www.justice.gov)
- [3] Carbanak Group (thehackernews.com)
- [4] FIN7 (malpedia.caad.fkie.fraunhofer.de)