One of the administrator-level perpetrators of the infamous FIN7 hacker gang has been sentenced to 10 years of prison by the U.S Justice enforcement.
The FIN7 Hacker Gang:
To the unaware, FIN7 is a Russian criminal APT group that has primarily targeted the major U.S. retail, restaurant, and hospitality sectors since mid-2015.
FIN7 has been reported to be in the mal-operations since at least 2015 when it made major news rounds for targeting U.S.-based organizations.
Speculated to be a team of 70 hackers, the FIN7 hacker group hacked corporate computer networks in all 50 states and the District of Columbia. The Hacker gang has extorted more than 20 million payment card records from at least 6,500 point-of-sale terminals at more than 3,600 businesses.
Sentenced a decade:
The sentenced, Fedir Hladyr, was a Ukrainian citizen who pleaded guilty back in 2019 for conspiring to commit wire fraud and computer hacking.
Hladyr was a high-level systems administrator for FIN7 and was arrested in Dresden, Germany in 2018 at the request of U.S. law enforcement.
While perpetrating theory cyberattacks, the FIN7 hacker gang wrote seemingly authentic appearing emails to a target organization’s employees and followed up with phone calls to legitimize their activity.
When an email containing an attachment was forwarded to the employees and was opened, the hacker gang used a modified version of the Carbanak malware, in addition to other tools, to steal customers’ payment card data.
It was also reported that much of this extorted data was sold on the Dark Web.
Fedir Hladyr, being one of the core systems administrators, acted as a crucial catalyst in amassing the stolen information and data, managing other criminals in the group, and maintaining the network of servers that FIN7 used to target and control victims’ machines.
He was also responsible for encrypting the communication channels of FIN7, officials reported.
At the hearing, Chief US District Judge Ricardo Martinez stated that cybercriminals must be impeded by long sentences, noting that would-be attackers “must understand that, once caught, the punishment will be significant.”