FIN7 Hacking Group Member Sentenced to 10 Years in Prison

fin7 member sentenced to jail - featured image

A 35-year-old Ukrainian national was slapped with a decade-long prison sentence for his role in an infamous hacking group that caused billions of dollars in losses to American companies. According to US authorities, Fedir Hladyr was a manager and systems administrator for an outfit known as FIN7.

Hladyr is one of three Ukrainians arrested in 2018 for hacking over 100 US companies and compromising millions of credit and debit card accounts. Acting Assistant Attorney General Nicholas McQuaid said that the group “caused over a billion dollars in losses to Americans and costs to the US economy.”

Hladyr was arrested in Germany in 2018 before being extradited to Seattle. The defendant pleaded guilty in 2019 to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

The prosecutor, Tessa Gorman, said that Hladyr had a crucial role during malware attacks on US companies and consumers, highlighting his responsibility for the extensive financial damage that FIN7 caused.

FIN7 is a sophisticated hacker organization that has over 70 members organized in teams and business units. They hacked computer systems and stole consumers’ debit and credit card data that were sold illegally for profits. Prosecutors in the case said the group stole “more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations.”

The group targeted US companies in the restaurant and gambling industry, like Chipotle Mexican Grill, Arby’s, Chili’s, Jason’s Deli, and Red Robin. According to prosecutors, the group’s members sent infected emails to employees that were followed by phone calls “intended to further legitimize the email.” By opening the files attached to emails, recipients activated malware that stole payment card data.

Aside from attacking the US companies, FIN7 attacked computer systems in Britain, Australia, and France. In 2015, Kaspersky Lab identified a long list of targets by the outfit, which was then referred to as the Carbanak group.