Three members of a ‘prolific’ and ‘notorious’ hacking group, known for carrying out massive hacking sprees against high-profile organizations, have been arrested by the Federal Bureau of Investigation (FBI). According to the US Department of Justice (DOJ), the arrested individuals were leading the global cybercrime syndicate known as Fin7.
The group has stolen over 15m credit card numbers from more than 6,000 point-of-sale terminals located at 3,600 business locations. They sold the card numbers or used them to spend millions of dollars.
Officials reveal that the accused were responsible for selling the stolen credit cards on the Dark Web and making huge profits. They have been charged with crimes carried out against US organizations, but companies located in the UK, France, and Australia were also attacked. Some of the key victims of Fin7’s hacking spree include well-known names such as Red Robin, Chipotle Mexican Grill, Jason’s Deli and Chili’s. The FBI’s cybersecurity task force claims that the Fin7 group impacted at least 120 US businesses.
Fin7’s primary attack method was phishing: the group sent emails containing malicious attachments that infected the recipient’s device with Carbanak malware. The three main industries targeted by Fin7 were casinos, hotels, and restaurants, and people in charge of catering were the key targets of the phishing campaigns. The hackers even made phone calls to the recipients of the phishing emails and encouraged them to open the attachment.
Fedorov, also known as hotdima, is believed to be a “high-level hacker and manager who allegedly supervised other hackers tasked with breaching the security of victims’ computer systems,” according to the DOJ. He was arrested in January this year in the city of Bielsko-Biala, Poland, and is being detained there until his extradition.
Hladyr, also known as das or AronaXus, was also arrested in January, in Dresden, Germany, and has already been extradited to the United States. He will be tried in Seattle. The DOJ states that Hladyr was the systems administrator for the Fin7 group. He maintained communication channels and handled servers that the organizations used. “Hladyr held a managerial role by delegating tasks and by providing instruction to other members of the scheme,” states the DOJ.
Kolpakov, also called santisimo, was arrested in March 2018 in Lepe, Spain. He is alleged to be the leader of the Fin7 group (also known as Carbanak and JokerStash), but the DOJ said that he served as the supervisor. Previously, the group was suspected to be based in Russia. According to the FBI agent in charge of this investigation, Jay Tabb:
“The naming of these Fin7 leaders marks a major step towards dismantling this sophisticated criminal enterprise. The FBI will continue to work with its law enforcement partners worldwide to pursue the members of this devious group, and hold them accountable for stealing from American businesses and individuals.”