Three Ukrainians Arrested Over Hacking 15M US Credit Cards

Authorities in the United States arrested three Ukrainian individuals over allegations that they participated in a cybercrime ring dedicated to stealing credit card information which compromised some 15 million individuals in the country. The people in question — Andrii Kolpakov, 30, Fedir Hladyr, 33, and Dmytro Fedorov, 44 — are believed to have been senior members of cybercrime group "FIN7" which attacked more than 100 American companies to date, the Department of Justice announced earlier this month. The trio is presently in custody, awaiting trials based on federal charges filed with the U.S. District Court in Seattle, Washington.

FIN7, also known as the "Navigator Group" and "Carbanak Group," has been conducting malware-based attacks aimed at stealing credit card credentials from unsuspecting U.S. victims since at least 2015, according to three indictments the DOJ unsealed last Wednesday. The criminal ring is understood to have primarily targeted small and medium-sized businesses in the hospitality, gaming, and restaurant industries, having sold stolen credit and debit card info for profit, most likely to identity thieves. American companies across 47 states and the District of Columbia have been compromised as part of FIN7's activities, with the majority of attacks being conducted through malware targeting some 6,500 point-of-sale terminals at approximately 3,600 locations, the indictments read.

Besides companies in the U.S., the tech crime group is also understood to have targeted firms in the United Kingdom, France, and Australia. Some of the most high-profile names to have disclosed hacking attacks associated with FIN7's malware are Arby's and Chipotle Mexican Grill. Each arrested Ukrainian national is now facing 26 felony counts of wire fraud, access device fraud, conspiracy, aggravated identity theft, and computer hacking, the DOJ confirmed. The individuals were arrested and extradited by the governments of Poland, Spain, and Germany, with those proceedings starting this January. FIN7 operated under the guise of a front company Combi Security based in Israel and Russia, which claimed to offer white hat hacking services, i.e. penetration vulnerability testing. The firm's website claimed some of its most high-profile victims were its former clients, U.S. authorities found.

You May Like These
More Like This:
About the Author
2018/10/2018-10-23.jpg

Dominik Bosnjak

Head Editor
Dominik started at AndroidHeadlines in 2016 and is the Head Editor of the site today. He’s approaching his first full decade in the media industry, with his background being primarily in technology, gaming, and entertainment. These days, his focus is more on the political side of the tech game, as well as data privacy issues, with him looking at both of those through the prism of Android. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now