Three Ukrainian hackers were arrested in the United States for hacking the computer systems of a hundred or so US companies, stealing credit card numbers from 15 million customers, the US Department of Justice said today. Dmytro Fedorov, 44, Fedir Hladyr, 33, and Andrii Kolpakov, 30, are “key players” in the hacker group known as FIN7 (also known as the Carbanak or Navigator group), the Department said in a statement.
Since 2015, they have broken into the computer systems of 3,600 hotels, restaurants and casinos in 47 US states as well as the United Kingdom, Australia and France, stealing data that they used for their own profit or resold on the darknet. According to the indictment released on Wednesday, Dmytro Fedorov, described as a “high-level hacker and group leader who supervises other hackers,” was arrested in January in Bielsko-Biala, Poland. He is awaiting extradition to the United States.
Andrii Kolpakov, also considered one of the leaders of the FIN7 group, was arrested at the end of June in the small Spanish town of Lepe, on the Atlantic coast, near the Portuguese border. He is also awaiting extradition. The only accused already transferred to the United States is Fedir Hladyr, who was arrested in Dresden, Germany, in January 2018 and is now detained in Seattle, Washington State, where he is to be tried on October 22. He is described as one of the administrators of the FIN7 group's IT system, which he maintained and operated.
They are each indicted on 26 counts, including criminal conspiracy, fraud, computer hacking, fraudulent access to computer devices and aggravated identity theft. They face “tens of years” in prison, said prosecutor Annette Hayes during a press conference. FIN7 used Combi Security, a computer security company based in Russia and Israel, as a cover to hire other hackers.
But despite the link with Moscow, which is accused of infiltrating social networks to interfere in the 2016 US election campaign, the activities of FIN7 “are not related to any state,” said the FBI agent in charge of the investigation, Jay Tabb. “It’s just traditional organised crime,” he said.
To penetrate the companies’ computer systems, the group sent carefully targeted emails designed to appear legitimate to an employee, and frequently followed up a message with a telephone call to convince the employee to open the attached document. Once the attached document was opened, the employee’s computer was infected with malicious software that gave the hacker access to all of the company’s data, including the credit card numbers of clients.