As a "high-level hacker" for the financially motivated group FIN7, a 32-year-old Ukrainian national was sentenced to five years behind bars in the United States.
A penetration tester for the cartel from November 2016 to November 2018, Denys Iarmak was arrested in Thailand in November 2019 and extradited to the United States of America in May of the following year.
Iarmak pled guilty to two counts of conspiracy: one of wire fraud and one of computer hacking in November 2021.
At least a half-dozen attacks using the code FIN7 have been linked to the theft of more than 20 million credit card numbers from more than 3,600 U.S. business locations, costing the victims $1 billion.
Carbanak Group and Navigator Group, a criminal gang that has been stealing credit and debit card numbers from the restaurant, gambling, and hospitality industries since at least 2015, have a history of doing so.
United States Attorney Nicholas Brown of Washington's Western District said of Iarmak, "Mr. Iarmak was directly involved in designing phishing emails embedded with malware, invading victim networks, and extracting data such as payment card information." As if things couldn't get any worse, even after the arrest and prosecution of his fellow conspirators, he continued to work with the FIN7 organization.
The defendant allegedly used Atlassian's Jira project management and issue tracking software to coordinate and share details about various intrusions carried out by the group, according to court documents released by the DoJ.
At the same time, the DoJ stated, "FIN7 members tracked their progress breaching a target's security by uploading data stolen from the victim and providing guidance to one another."
Fedir Hladyr and Andrii Kolpakov, members of the FIN7 collective, were sentenced to ten and seven years in prison in April and June of last year, respectively.
When Mandiant revealed that FIN7 had evolved into an extremely resilient cyber crime syndicate, it called attention to 17 previously unidentified clusters of activity over a multi-year time span, as well as to its upgraded attack toolkit, new initial access techniques, and its shift to ransomware as a means of generating revenue from its attacks.
Post a Comment
Your suggestions and comments are welcome