Security Market Segment LS
Thursday, 02 August 2018 09:09

Three members of Carbanak gang indicted over card fraud

By

Three members of a cyber crime group known as FIN7 have been arrested in Europe and indicted in the US over charges of using malware to steal millions of credit and debit card numbers which they then either used or sold.

Ukrainians Dmytro Fedorov, 44, Fedir Hladyr, 33, and Andrii Kolpakov, 30, belonged to the gang also known as the Carbanak Group because of the malware that they used.

The US Justice Department said in an indictment that the trio had targeted more than 100 American companies in the gaming, restaurant and hospitality sectors since 2015. Australian agencies also played a role in the arrest.

Fedorov, Hladyr and Kolpakov operated out of Eastern Europe and also attacked companies in the UK, Australia and France. In the US, FIN7 breached networks of companies in 47 states and the District of Columbia, stealing more than 15 million customer card records from 6500 individual PoS terminals at 3600 separate locations.

Each of the three is charged with 26 felony counts, alleging conspiracy, wire fraud, computer hacking, access device fraud, and aggravated identity theft.

Hladyr was arrested in Dresden, Germany, and extradited to Seattle where he is awaiting trial. Fedorov was arrested in Poland and his extradition has been sought by the US. The third man, Kolpakov, was arrested in Spain and his extradition. too, is pending.

The FIN7 gang operated by sending carefully crafted messages to likely victims with Microsoft Word attachments that contained embedded malware. This then connected to a command and control server and downloaded more malicious software, among which was the Carbanak malware, which has been used by others in a big transnational attack on the banking industry.

sample fin7

One of the phishing emails used by the gang. Courtesy: US Department of Justice

The gang used a front company, Combi Security, said to be headquartered in Russia and Israel, to guise their actions and to recruit people to join their criminal enterprise.

“The three Ukrainian nationals indicted today allegedly were part of a prolific hacking group that targeted American companies and citizens by stealing valuable consumer data, including personal credit card information, that they then sold on the Darknet,” said Assistant Attorney-General Brian Benczkowski.

“Because hackers are committed to finding new ways to harm the American public and our economy, the Department of Justice remains steadfast in its commitment to working with our law enforcement partners to identify, interdict, and prosecute those responsible for these threats.”

Australian Law Enforcement and Cyber Security Minister Angus Taylor said: “This operation is a great example of how the Australian Government is targeting cyber criminals wherever they are. FIN7 is accused of hacking systems and stealing millions of customer credit and debit card details.

“Australian agencies are deploying their most sophisticated cyber capabilities, combined with traditional police work, to go after criminals and stop them from targeting Australia.

“International crime requires an international response. There is an ongoing global effort to crack down on cyber criminals who are targeting our businesses and hardworking Australians.

"Australia has helped deal a body blow to a prolific international hacking group.”

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments