Sysadmin of fake cybersecurity company sentenced to jail after billion-dollar crime spree

Graham CLULEY

April 19, 2021

  • Notorious FIN7 gang stole payment card details from retailers around the world
  • Cybercrime gang posed as penetration testing firm to recruit hackers

A key member of the FIN7 cybercrime gang, which is said to have caused over one billion dollars' worth of damage around the world, has been sentenced to 10 years in jail.

35-year-old Ukrainian national Fedir Hladyr worked as the sysadmin for the FIN7 gang (also sometimes known as Carbanak, Navigator Group, or Anunak), which made its fortune targeting retailers, restaurants, and gambling firms in more than 40 countries across the globe, stealing 20 million customer card records at thousands of business locations. FIN7’s high-profile targets included the likes of Lord & Taylor and Saks Fifth Avenue.

Typically, the FIN7 gang sent out carefully-crafted emails that posed as legitimate business communications and used social engineering techniques to trick recipients into clicking on the malicious attachments. In some cases telephone calls from the attackers would accompany the sending of the emails, in an attempt to make the emails appear less suspicious.

Malware installed through the poisoned attachment would be used alongside other hacking tools to spread laterally through networks, and seek out point-of-sale (POS) systems in order to steal sensitive payment card details as payment card transactions were made at thousands of retail locations.

More details on how the malware operated can be found in this technical paper by Bitdefender Labs.

Many of the stolen payment card details were later made available for sale by FIN7 on underground forums to other cybercriminals.

FIN7 operated a front company called Combi Security, which claimed to offer penetration testing services.

On its website, Combi Security described itself as “one of the leading international companies in the field of information security.”

But in truth it was a means to recruit other hackers into the criminal operation.

Combi Security had no legitimate customers, but that didn’t stop it hiring people like Hladyr, who in his management position supervised FIN7’s hackers, maintained FIN7’s Command & Control servers, and aggregated stolen payment card information. Crucially, Hladyr was also in control of the criminal organisation’s encrypted instant messaging channel.

Hladyr was the first member of the FIN7 gang to be apprehended when he was arrested in the city of Dresden in 2018, and then extradited from Germany to the United States.

At the end of last week Hladyr was sentenced to prison for ten years for his involvement in the gang’s cybercriminal activities.

“This criminal organization had more than 70 people organized into business units and teams. Some were hackers, others developed the malware installed on computers, and still others crafted the malicious emails that duped victims into infecting their company systems,” said Acting US Attorney Tessa M. Gorman of the Western District of Washington. “This defendant worked at the intersection of all these activities and thus bears heavy responsibility for billions in damage caused to companies and individual consumers.”
