Home » Malwares » News Room » SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence

SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence

Disclosure: All information on this site is harmless and purely for educational purposes which is why we post only authentic, unbiased information! The affiliate links are really there for discounts for our readers and for us to earn small commissions that help us stay afloat! Thanks!

A high-level manager and system administrator linked with the FIN7 threat actor has been sentenced to 10 years in prison, the US Department of Justice announced on Friday, 16th April.

Fedir Hladyr, a 35-year-old Ukrainian national, is assumed to have played a crucial role in a criminal plot that compromised tens of millions of debit and credit cards, in addition to aggregating the stolen data, supervising other members of the group, and maintaining the server infrastructure that FIN7 used to attack and control victims’ machines.

The development comes after Hladyr pleaded guilty to conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking in September 2019. He was arrested in Dresden, Germany, in 2018 and extradited to the US City of Seattle. Hladyr has also been ordered to pay $2.5 million in reparation.

“This criminal organization had more than 70 people organized into business units and teams. Some were hackers, others developed the malware installed on computers, and still, others crafted the malicious emails that duped victims into infecting their company systems,” said acting US attorney Tessa A. Gorman.

“This defendant worked at the intersection of all these activities and thus bears a heavy responsibility for billions in damage caused to companies and individual consumers.”

Also called Anunak, Carbanak Group, and the Navigator Group, the malware campaign unleashed by FIN7 is estimated to have caused overall damage of more than $3 billion to banks, merchants, card companies, and consumers.

The attacks involved targeting the gamers, restaurants, and hospitality industries by sending spear-phishing emails containing decoy documents to plunder customer payment card data, which were then used or sold for profit in online underground marketplaces at least since 2015.

In the US alone, FIN7 has been responsible for the theft of more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations. Besides the US, FIN7 attackers left their fingerprints in a string of orchestrated intrusions against resellers in the UK., France, and Australia. Some of its high-profile victims included Chipotle Mexican Grill, Red Robin Chili’s, Arby’s, and Jason’s Deli.

At the sentencing hearing, Hladyr said he had “ruined years of my life and put {his} family through great risk and struggle.”


Unlock the power of online security with our in-depth reviews and expert insights. Discover the best VPNs, password managers, and privacy tools to safeguard your digital world.