2 min read

FIN7 hacking gang’s “pen tester” jailed for seven years by US court

Graham CLULEY

June 25, 2021

FIN7 hacking gang’s “pen tester” jailed for seven years by US court

The Western District of Washington has sentenced a Ukrainian man to seven years in prison for his role in a hacking gang that are estimated to have caused more than one billion dollars worth of damage.

33-year-old Andrii Kolpakov worked for the FIN7 gang (also sometimes known as Carbanak, Navigator Group, or Anunak) which made its fortune targeting retailers, restaurants, and gambling firms in more than 40 countries around the world, stealing tens of millions of payment card details at thousands of business locations. High profile targets of the FIN7 group included the likes of Lord & Taylor, Chipotle Mexican Grill, and Saks Fifth Avenue.

In a typical attack, boobytrapped emails would be sent to targeted companies posing as legitimate communications through cunning use of social engineering. If the recipient opened the included attachment, their computer would be infected by a version of the Carbanak malware.

In some cases telephone calls from the attackers would accompany the sending of the emails, in an attempt to make the emails appear less suspicious.

Kolpakov’s job within the FIN7 group was to manage and co-ordinate other hackers, tasked with breaking into the computer systems of targeted companies. Internally within the gang, Kolpakov was described as a “pen tester.”

Unusually, FIN7 presented itself as a company called Combi Security, which claimed to offer penetration testing services for businesses. In truth, however, the firm had no legitimate customers.

It remains unclear if all of the hackers employed by FIN7/Combi Security and managed by Kolpakov realised that they were in fact breaking the law.

What is clear, however, is that Kolpakov and other members of the FIN7 gang continued their attacks on US businesses even after they became aware that others in the hacking group had been arrested.

After being apprehended himself by Spanish police in 2018, and eventually extradited to the United States, Kolpakov admitted acted working for FIN7 as both a manager and recruiter, hiring and supervising hackers who breached the defences of corporations and stole data.

Kolpakov has also been ordered by the court to pay restitution in the amount of $2.5 million dollars.

Earlier this year, another member of FIN7 was sentenced to 10 years in jail for his involvement in the cybercrime gang’s activities.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraudsters Impersonate Registered Brokers to Swindle Investors, the FBI Warns Fraudsters Impersonate Registered Brokers to Swindle Investors, the FBI Warns
Alina BÎZGĂ

August 03, 2021

2 min read
Brits Lost Over £2.5 Million in Pet Fraud Since 2020 Brits Lost Over £2.5 Million in Pet Fraud Since 2020
Alina BÎZGĂ

August 02, 2021

2 min read
Threat Actors Impersonate Standard Chartered Bank To Spread FormBook Malware Threat Actors Impersonate Standard Chartered Bank To Spread FormBook Malware
Alina BÎZGĂ

July 28, 2021

2 min read