High-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in PrisonHigh-Level Admin of FIN7 Cybercrime Group Sentenced to 10 Years in Prison
Fedir Hladyr pleaded guilty in 2019 to conspiracy to commit wire fraud and conspiracy to commit computer hacking.
April 17, 2021
A high-level manager of cybercrime group FIN7, also known as the Carbanak Group and the Navigator Group, has been sentenced to ten years in prison, the Department of Justice reports.
FIN7 has operated since at least 2015 and had more than 70 people organized into business units and teams.. While its activity is global, in the United States, FIN7 has breached corporate computer networks in all 50 states and the District of Columbia. Attackers have stolen more than 20 million payment card records from at least 6,500 point-of-sale terminals at more than 3,600 businesses.
Ukrainian national Fedir Hladyr was a systems administrator for FIN7. He was arrested in Dresden, Germany in 2018 at the request of US law enforcement. In 2019 he pleaded guilty to conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.
To conduct its attacks, FIN7 wrote emails to appear legitimate to an organization's employees and followed up with phone calls to further legitimize their activity. When an email attachment was opened, FIN used a modified version of the Carbanak malware, in addition to other tools, to steal customers' payment card data. Much of this data has been sold on the Dark Web.
As systems administrator for FIN7, Hladyr played a core role in aggregating stolen data, supervising other criminals in the group, and maintaining the network of servers that FIN7 used to target and control victims' machines. He also handled FIN7's encrypted communication channels, officials report.
At today's sentencing hearing, Chief US District Judge Ricardo Martinez said cybercriminals must be deterred by long sentences, noting that would-be attackers "must understand that, once caught, the punishment will be significant."
Read the full Justice Department release for more details.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Gone Phishing: How to Defend Against Persistent Phishing Attempts Targeting Your Organization
Building Immunity: The 2021 Healthcare and Pharmaceutical Industry Cyber Threat Landscape Report
Build a Case for a Password Manager