POST Online Media Lite Edition



 

Ukrainian member of FIN7 hacking group sentenced for compromising tens of millions of debit and credit cards

Christian Fernsby |
A Ukrainian man was sentenced in the Western District of Washington to 5 years in prison for his criminal work in the hacking group FIN7.

Article continues below




Denys Iarmak served as a high-level hacker, whom the group referred to as a “pen tester,” for FIN7. He was arrested in Bangkok, Thailand in November 2019 at the request of U.S. law enforcement.

At the sentencing hearing Chief U.S. District Judge Ricardo S. Martinez noted that Iarmak had been in custody during both the COVID pandemic and now the war in Ukraine.

“There is some irony, that the nation you were plundering is now leading an international effort to protect your country, your people, your family.”

Iarmak is the third FIN7 member of the group to be sentenced in the United States. On April 16, 2021, FIN7 member Fedir Hladyr was sentenced to 10 years in prison. On June 24, 2021, FIN7 member Andrii Kolpakov was sentenced to seven years in custody.

In the United States alone, FIN7 successfully breached the computer networks of businesses in all 50 states and the District of Columbia, stealing more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations.

According to court documents, victims incurred enormous costs that, according to some estimates, exceeded $1 billion dollars. Additional intrusions occurred abroad, including in the United Kingdom, Australia, and France. Companies that have publicly disclosed hacks attributable to FIN7 include such chains as Chipotle Mexican Grill, Chili’s, Arby’s, Red Robin, and Jason’s Deli.

“Iarmak and his conspirators compromised millions of financial accounts, causing over a billion dollars in losses to Americans and costs to America’s economy,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division.

“Protecting businesses – both large and small – online is a top priority for the Department of Justice. We are committed to working with our international partners to hold such cyber criminals accountable, no matter where they live or how anonymous they think they are.”

“Mr. Iarmak was directly involved in designing phishing emails embedded with malware, intruding on victim networks, and extracting data such as payment card information,” said U.S. Attorney Nicholas W. Brown of the Western District of Washington.

“To make matters worse, he continued his work with the FIN7 criminal enterprise even after the arrests and prosecution of co-conspirators. He and others in this cybercrime group used hacking techniques to essentially rob thousands of locations of multiple restaurant chains at once, from the comfort and safety of their keyboards in distant countries.”

“This cyber-criminal probed and mapped victims’ networks searching for data to exploit,” said Special Agent in Charge Donald M. Voiret of the FBI’s Seattle Field Office.

“Masquerading as a legitimate business, the hacking group he belonged to recruited other members to assist with their criminal activities. Thanks to the hard work of law enforcement, this defendant, who is responsible for an enormous loss amount, will be spending the next few years in prison.”

According to court documents, since at least 2015, members of FIN7 (also referred to as Carbanak Group and the Navigator Group, among other names) engaged in a highly sophisticated malware campaign to attack hundreds of U.S. companies, predominantly in the restaurant, gambling, and hospitality industries.

FIN7 hacked into thousands of computer systems and stole millions of customer credit and debit card numbers that were then used or sold for profit. FIN7, through its dozens of members, launched waves of malicious cyberattacks on numerous businesses operating in the United States and abroad.

To execute its scheme, FIN7 carefully crafted email messages that would appear legitimate to a business’ employees and accompanied emails with telephone calls intended to further legitimize the emails. Once a file attached to a fraudulent email was opened and activated, FIN7 would use an adapted version of the Carbanak malware, in addition to an arsenal of other tools, to access and steal payment card data for the business’s customers.

Since 2015, many of the stolen payment card numbers have been offered for sale through online underground marketplaces.

Iarmak was involved with FIN7 from approximately November 2016 through November 2018. Iarmak frequently used project management software such as JIRA, hosted on private virtual servers in various countries, to coordinate FIN7 malicious activity and to manage the assorted network intrusions. JIRA is a project management and issue-tracking program used by software development teams. JIRA allows team members to create “projects” containing posted “issues” under which other team members can make comments and share data.

Under each issue, FIN7 members tracked their progress breaching a victim’s security, uploaded data stolen from the victim, and provided guidance to each other.

As one example, Iarmak created a JIRA issue, to which he and other members of the cybergroup had access, for a specific victim company, and, on or about March 3, 2017, Iarmak updated that JIRA and uploaded data he had stolen from that company.

During the course of the scheme, Iarmak received compensation for his participation in FIN7, which far exceeded comparable legitimate employment in Ukraine. Moreover, FIN7 members, including Iarmak, were aware of reported arrests of other FIN7 members, but nevertheless continued to attack U.S. businesses.

Iarmak initially fought extradition but in February 2020 he consented to extradition in a Thai court. In May 2020 he was transferred to U.S. custody. In November 2021, Iarmak pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

This case is the result of an investigation conducted by the FBI’s Seattle Cyber Task Force. The Justice Department’s Office of International Affairs, the National Cyber-Forensics and Training Alliance, numerous computer security firms and financial institutions, FBI offices across the nation and globe, as well as a number of international agencies provided significant assistance.

Thailand law enforcement authorities provided significant assistance by arresting Iarmak.

This case was prosecuted by Assistant U.S. Attorney Steven Masada of the Western District of Washington and Trial Attorney Anthony Teelucksingh of the Criminal Division’s Computer Crime and Intellectual Property Section.


What to read next

Chinese intelligence conspired to steal sensitive aviation and technological data for years
Trinity Mirror says 80% of phone-hacking claims settled
Three North Korean military hackers indicted in cyberattacks, financial crimes

Flooding lingers in Florida; gusty winds bring critical fire weather to Great Lakes

 
Predominant upper-level ridging stretching from the Southwest to the southern High Plains will allow for another day of record-breaking heat across parts of Nevada and Arizona today.
 
 

Latest

U.S. rigs down to 586
Maine delegation concludes productive visit to Norway
Kingspan Group to open operations in Allegany County, Maryland
Afton Scientific to expand biopharmaceutical facility in Albemarle County, create hundreds of jobs

NEWS

Montreal port dockworkers begin overtime strike

Strong storm impacting portions of Alaska
French far-right leader Marine Le Pen on trial for alleged EU funds misuse
Former Singaporean minister sentenced to 12 months in prison
New York City mayor Eric Adams charged with bribery and wire fraud
U.S.: Heat and fire weather concerns for center of nation; coastal impacts across east
 

BUSINESS

£24 billion worth of investment secured, thousands of jobs in energy sector to be created across UK

Swiss firms attach great importance to cash
U.S. drilling rigs fall by 2 to 583, says Baker Hughes survey
Uganda’s largest power project inaugurated
£200 million rail manufacturing factory in Goole opened
Canada adds 7 rigs, U.S. count down slightly
 

Trending Now

Ryanair: Irish ministers should resign over idiotic traffic restiction

£24 billion worth of investment secured, thousands of jobs in energy sector to be created across UK

Maine delegation concludes productive visit to Norway

Sibanye-Stillwater liable to pay Appian $1.2 billion for scrapped mine deals


POLITICS

Zambia, China sign MoU to establish African nation's first cholera vaccine plant

Turkey imposes anti-dumping duties on steel imports from China, Russia, India, Japan
Connecticut’s minimum wage will increase to $16.35 on January 1, 2025
European Commission sues Poland for lack of tax on international companies
Denmark, Spain refered to Court of Justice over rules on inland navigation, third-country certificates
£1bn investment secures over 300 jobs in North Wales
 

Today We Recommend

Swiss firms attach great importance to cash


Highlights 

Kingspan Group to open operations in Allegany County, Maryland

Afton Scientific to expand biopharmaceutical facility in Albemarle County, create hundreds of jobs

North Carolina: Weatherby Healthcare expands to Wake County with 155 new jobs


COMPANIES

North Carolina: Weatherby Healthcare expands to Wake County with 155 new jobs

Ryanair: Irish ministers should resign over idiotic traffic restiction
Sibanye-Stillwater liable to pay Appian $1.2 billion for scrapped mine deals
Johnson & Johnson will create 420 jobs in Wilson County, North Carolina
Saab will create 70 good-paying jobs in Grayling Township, Michigan
Microsoft announces 4.3 bln euros investment for AI, cloud-based data centers in Italy
 

CAREERS

Ethypharm appoints Éric Chevalier as group human resources director

Exothera appoints Cedric Volanti as CEO
African Development Bank appoints director of special operations in President’s Cabinet
Norgine appoints new CEO Janneke van der Kamp
Satu Rautavalta new VP, business area air technology at Dacke Industri
Glenn Fishwick joins CSL Group as chief technology officer
 

ECONOMY

Fraser Institute: Canada’s debt ranking falls from best in G7 to 7th worst

Kuwait reports $5.2 bln budget deficit in FY 2023-24
Eurozone reports modest Q1 GDP growth, stable annual inflation
Italy sees faster economic growth in Q1
Slovenia's economy expected to grow 0.9 pct in Q1
Italy faces deficit infringement procedure
 

EARNINGS

Ericsson Q2 sales down but North America up

Lockton revenue $3.55 billion
Motorcar Parts of America Q4 sales $189.5 million
Limoneira Q2 revenue $44.6 million
Lululemon athletica Q1 revenue increased 10% to $2.2 billion
PVH Q1 GAAP EBIT $205 million
 

OP-ED

Micromanaging is the worst enemy of efficiency and teamwork

Niger set to monetize massive gas reserves through Saharan natural gas pipeline
Putting the brakes on EV folly that choked the market
Oil discovery in Kavango Basin may mean huge benefits for Namibians
Cape Town and Dubai battle over Africa's energy future
Is America going to lose its superpower status?
 

AGRIFISH

Moldova starts exporting poultry to EU as part of 1.8 billion euro plan to access European market

€1 billion Italian State aid scheme to support farmers affected by floods and landslides
Hong Kong suspends import of poultry meat and products from areas in Hungary and Italy
Sweden declared free from African swine fever
EU proposes €120m support to farmers affected by weather events in Bulgaria, Germany, Estonia, Italy and Romania
Namibia signs deal with China to boost small livestock exports
 

LEADERSHIP

Employers prefer younger job candidates for AI roles although experienced workers perform same or better

Study finds workers misjudge wage markets
Some organizations may need to expand their hierarchical structures earlier than others
Study finds there's right way and wrong way to deliver negative feedback in workplace
Allyship is critical and its needs appreciation
Generating 'buzz' about new products can influence their success
 

CRIME

SEC charges Keurig with making inaccurate statements regarding recyclability of K-Cup beverage pod

SEC charges John Deere with FCPA violations for subsidiary’s role in Thai bribery scheme
AG Bonta secures $3.9 million settlement with cryptocurrency company Robinhood
Italy issues $6.4 million fine over Chinese cars badged as Italian
EU Commission fines Mondelēz €337.5 million for cross-border trade restrictions
HSBC pays penalties for alleged breaches of Consumer Data Right rules
 

Magazine

TRAVEL

Radisson Hotel Group debuts in the heart of Tunisia’s capital city, Tunis

Morocco’s first Radisson branded hotel opens in Casablanca
Buna channels, an unreal and beautiful part of Bosnia and Herzegovina
JW Marriott unveils Mindful Haven with opening of JW Marriott Hotel Nairobi
Sotheby's Sports Week returns with fantastic artifacts
Red Roof properties open in Michigan
 

SEA, LAND, AIR

Citroën C3 Aircross, the most affordable compact SUV with 7 seats

2025 Chevrolet Equinox stands apart with fresh looks and capability
Hill Helicopters HX50, luxury in the sky
Opel Movano becomes fully equipped camper van
Porsche Panamera, new hybrid variants
Dodge Charger, 670 horsepower of electric
 

DESIGN

Cold night, hot fire pit, cool entertainment

Embellish your home with PVC panels
You'll have to hurry if you want one of 20 new Louis Vuitton watches
Luxury duvet looks good, fells good and keeps you healthy
Vacheron Constantin, watches for life and more
Schüller kitchens, where functionality marries design
 

GADGETS

MESA/Boogie Celebrates 40-year partnership with John Petrucci

reMarkable 2, monochrome tablet for your thoughts and your eyes
OnePlus Ace 3V, first with Snapdragon 7 Plus Gen 3
ASUS Zenfone 11 Ultra, flagship with a reason
Samsung Galaxy S24 is photography powerhouse
Casette tapes are making a big comeback, and so are portable players
 

HEALTH

Rwanda restricts gatherings amid Marburg virus outbreak, to begin trials of vaccine

Teksas Attorney General reaches settlement in first-of-its-kind healthcare generative AI investigation
Potentially deadly fungal disease spreading in California
First mpox vaccines arrive in Africa
WHO declares mpox public health emergency, Sweden and Pakistan confirm first case outside Africa
Kenya confirms its first mpox case as virus spreads in Africa
 

MEANTIME

Exoplanet-hunting telescope to begin search for another Earth in 2026

India to build first phase of its own space station by 2028
Roscosmos chief approves schedule of creating Russian orbital station through 2033
Potentially habitable 'exo-Venus' with Earth-like temperature discovered
Rare species of wild bees discovered in Berlin
SLAC completes construction of largest digital camera ever built for astronomy