A high-level manager and system administrator linked with the FIN7 threat actor has been sentenced to 10 years in prison, the US Department of Justice announced on Friday, 16th April.
Fedir Hladyr, a 35-year-old Ukrainian national, is assumed to have played a crucial role in a criminal plot that compromised tens of millions of debit and credit cards, in addition to aggregating the stolen data, supervising other members of the group, and maintaining the server infrastructure that FIN7 used to attack and control victims’ machines.
The development comes after Hladyr pleaded guilty to conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking in September 2019. He was arrested in Dresden, Germany, in 2018 and extradited to the US City of Seattle. Hladyr has also been ordered to pay $2.5 million in reparation.
“This criminal organization had more than 70 people organized into business units and teams. Some were hackers, others developed the malware installed on computers, and still, others crafted the malicious emails that duped victims into infecting their company systems,” said acting US attorney Tessa A. Gorman.
“This defendant worked at the intersection of all these activities and thus bears a heavy responsibility for billions in damage caused to companies and individual consumers.”
Also called Anunak, Carbanak Group, and the Navigator Group, the malware campaign unleashed by FIN7 is estimated to have caused overall damage of more than $3 billion to banks, merchants, card companies, and consumers.
The attacks involved targeting the gamers, restaurants, and hospitality industries by sending spear-phishing emails containing decoy documents to plunder customer payment card data, which were then used or sold for profit in online underground marketplaces at least since 2015.
In the US alone, FIN7 has been responsible for the theft of more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations. Besides the US, FIN7 attackers left their fingerprints in a string of orchestrated intrusions against resellers in the UK., France, and Australia. Some of its high-profile victims included Chipotle Mexican Grill, Red Robin Chili’s, Arby’s, and Jason’s Deli.
At the sentencing hearing, Hladyr said he had “ruined years of my life and put {his} family through great risk and struggle.”
