High-level organizer of infamous hacking group sentenced to prison for scheme endangering tens of millions of debit and credit cards | OPA

A Ukrainian citizen was sentenced today in the Western District of Washington to ten years in prison for his high-level role in the criminal work of the hacking group FIN7.

Fedir Hladyr, 35, served as a manager and systems administrator for FIN7. He was arrested in Dresden, Germany, in 2018 at the request of U.S. law enforcement and was extradited to Seattle, Washington. In September 2019, he pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

“The accused and his conspirators have jeopardized millions of financial bills and caused more than a billion dollars in American losses and costs to the U.S. economy,” Acting Assistant Attorney General Nicholas L. McQuaid said. “The protection of businesses – both large and small – is a top priority for the Department of Justice. The department is committed to holding such cybercriminals accountable with our international partners, no matter where they live or how anonymous they think they are.”

“This criminal organization has organized more than 70 people into business units and teams. Some were hackers, others developed the malware installed on computers, and others produced the malicious emails that tricked the victims into infecting their business systems,” said Western District Attorney Tessa M. Gorman of the Western District of Washington. “This defendant worked at the intersection of all these activities and therefore bears great responsibility for billions in damages inflicted on businesses and individual consumers.”

“These cyber thieves have organized an extensive network of hackers and systems to infiltrate businesses and exploit consumers’ personal information,” said Donald M. Voiret, an FBI special agent. “Their specialized skills to target certain industries have increased the damage exponentially. Thanks to the hard work of law enforcement partners, both in the US and abroad, these fraudsters are not out of our reach and they cannot hide from the law.”

According to documents filed in the case, members of FIN7 (also called Carbanak Group and the Navigator Group, among others) have been conducting a highly sophisticated malware campaign since at least 2015 to attack hundreds of U.S. companies, primarily in the restaurant, gambling and hospitality industries. FIN7 hacked thousands of computer systems and stole millions of customers’ credit and debit card numbers, which were then used or sold for profit. FIN7, through its tens of thousands of members, has launched waves of malicious cyberattacks on numerous businesses operating in the United States and abroad. To run the scheme, FIN7 carefully crafted emails that would seem legitimate to a business’s employees, and accompanied the emails with phone calls to further legitimize them. Once a file attached to a fraudulent email had been opened and activated, FIN7 would use a customized version of the Carbanak malware, in addition to an arsenal of other tools, to access and acquire the payment card data of the business’s customers. Since 2015, many of the stolen payment card numbers have been offered for sale via online underground markets.

In the United States alone, FIN7 successfully breached the computer networks of businesses in all 50 states and the District of Columbia, stealing more than 20 million customer card records from more than 6,500 individual sales terminals at more than 3,600 separate business premises. According to court documents, victims incurred enormous costs amounting to billions of dollars. Additional intrusions have occurred abroad, including in the United Kingdom, Australia and France. Companies that have attributed hacks to FIN7 include chains such as Chipotle Mexican Grill, Chili’s, Arby’s, Red Robin and Jason’s Deli.

Hladyr originally joined FIN7 through a front company called Combi Security, a fake cyber security company that had a rogue website and no legitimate customers. Hladyr admitted in his plea agreement that he soon realized that Combi was part of a criminal enterprise rather than a legitimate company. Hladyr served as FIN7’s systems administrator and played a key role in collecting stolen payment card information, overseeing FIN7’s hackers, and maintaining the extensive network of servers that FIN7 used to attack and take control of victims’ computers. Hladyr also controlled the organization’s encrypted communication channels.

This case is the result of an investigation conducted by the Seattle Cyber Task Force of the FBI and the US Department of Justice. The Department of Justice’s Department of International Affairs, the National Cyber-Forensic and Training Alliance, numerous computer security firms and financial institutions, FBI offices around the country and the world, as well as a number of international agencies provided significant assistance. German law enforcement agencies provided significant assistance by arresting Hladyr.

This case was handled by Trial Attorney Anthony Teelucksingh of the Criminal Division and Assistant U.S. Attorneys Francis Franze-Nakamura and Steven Masada of the Western District of Washington.
