2 min read

FIN7 hacking gang’s “pen tester” jailed for seven years by US court

Graham CLULEY

June 25, 2021

FIN7 hacking gang’s “pen tester” jailed for seven years by US court

The Western District of Washington has sentenced a Ukrainian man to seven years in prison for his role in a hacking gang that are estimated to have caused more than one billion dollars worth of damage.

33-year-old Andrii Kolpakov worked for the FIN7 gang (also sometimes known as Carbanak, Navigator Group, or Anunak) which made its fortune targeting retailers, restaurants, and gambling firms in more than 40 countries around the world, stealing tens of millions of payment card details at thousands of business locations. High profile targets of the FIN7 group included the likes of Lord & Taylor, Chipotle Mexican Grill, and Saks Fifth Avenue.

In a typical attack, boobytrapped emails would be sent to targeted companies posing as legitimate communications through cunning use of social engineering. If the recipient opened the included attachment, their computer would be infected by a version of the Carbanak malware.

In some cases telephone calls from the attackers would accompany the sending of the emails, in an attempt to make the emails appear less suspicious.

Kolpakov’s job within the FIN7 group was to manage and co-ordinate other hackers, tasked with breaking into the computer systems of targeted companies. Internally within the gang, Kolpakov was described as a “pen tester.”

Unusually, FIN7 presented itself as a company called Combi Security, which claimed to offer penetration testing services for businesses. In truth, however, the firm had no legitimate customers.

It remains unclear if all of the hackers employed by FIN7/Combi Security and managed by Kolpakov realised that they were in fact breaking the law.

What is clear, however, is that Kolpakov and other members of the FIN7 gang continued their attacks on US businesses even after they became aware that others in the hacking group had been arrested.

After being apprehended himself by Spanish police in 2018, and eventually extradited to the United States, Kolpakov admitted acted working for FIN7 as both a manager and recruiter, hiring and supervising hackers who breached the defences of corporations and stole data.

Kolpakov has also been ordered by the court to pay restitution in the amount of $2.5 million dollars.

Earlier this year, another member of FIN7 was sentenced to 10 years in jail for his involvement in the cybercrime gang’s activities.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fake Walmart press release causes cryptocurrency price surge Fake Walmart press release causes cryptocurrency price surge
Graham CLULEY

September 17, 2021

3 min read
Alleged Russian malware developer arrested after being stranded in South Korea due to COVID-19 pandemic Alleged Russian malware developer arrested after being stranded in South Korea due to COVID-19 pandemic
Graham CLULEY

September 08, 2021

2 min read
Internet Users Lost $8 Million in Extortion Scams in 2021, FBI Warns Internet Users Lost $8 Million in Extortion Scams in 2021, FBI Warns
Alina BÎZGĂ

September 07, 2021

2 min read