Financially-Motivated FIN7 Hacking Group Continues Operations While Its IT Admin Pleads Guilty
- FIN7’s admin pleaded guilty to wire fraud and conspiracy to commit computer hacking as part of a deal with prosecutors.
- The accused pleaded guilty to only two of the 26 charges against him. His sentencing is due December 13.
What transpired in the courtroom: Fedir Hladyr, a 34-year-old computer analyst from Ukraine and administrator of the FIN7 hacker group, was arrested last year in Dresden, Germany.
- Hladyr pleaded guilty after appearing in a courtroom in the Western District of Washington on Wednesday.
- Hladyr pleaded guilty for his active role in the group that stole over $1 billion through cybercrime activities worldwide.
- According to the defense attorney, Hladyr pleaded guilty to wire fraud and conspiracy to commit computer hacking as part of the deal with prosecutors, which will amount to a prison term of not more than 25 years.
“[Hladyr] was facing multiple sentences of life in jail based on the dollar amount and the number of people harmed, which is 90% of the argument,” said defense attorney Arkady Bukh. “At this time, the government gave us a certain level of leniency and will basically limit his legal exposure to 25 years.”
The accused’s role: Prosecutors said he served as “a high-level systems administrator” for FIN7.
- Hladyr controlled a private HipChat instant messaging chat and helped the hacker team to upload malicious software code to steal payment card data and take screenshots.
- He maintained and organized the Jira project, tracking software where the group would upload malicious files, and the group robbed people of their credentials, including usernames and passwords.
- A FIN7 hacker, with Hladyr’s help, used the email address “firstname.lastname@example.org” to scam employees at victim companies.
What it means for the DoJ:
- It marks a significant win for the Department of Justice, which for years has struggled to apprehend, extradite, and convict the cybercriminals suspected in attacks against U.S. companies.
- Hladyr is the first member of the group to be found guilty of hacking-related crimes in a U.S. court.
Worth noting: Hladyr pleaded guilty to only two of the 26 charges against him.
- Charges that were dropped included allegations of aggravated identity theft, access device fraud and intentional damage to a protected computer.
- For now, Hladyr will be punished for wire fraud and conspiracy to commit computer hacking.
A quick overview of FIN7: The group has been primarily targeting the U.S. retail, restaurant, and hospitality sectors since mid-2015.
- FIN7 is sometimes referred to as Carbanak Group, but these appear to be two groups using the same Carbanak malware.
- It is accused of stealing more than 15 million credit card numbers from victims including Chipotle, Red Robin, Saks Fifth Avenue, Whole Foods and other retailers and restaurants in 47 states.
- The group often uses point-of-sale malware to steal sensitive information.
- Last year, it was blamed for causing a loss of more than $1 billion.
- Surprisingly, the group remains active, despite Hladyr’s arrest.