Serviceteam IT Security News

FIN7 Pen Tester to Serve Seven Years

A high-level member of the notorious organized cybercrime group FIN7 is to spend the next seven years in an American prison.

Hacker Andrii Kolpakov was an active member of FIN7 from at least April 2016 until his arrest in Lepe, Spain, on June 28, 2018. 

The 33-year-old Ukrainian national, who was referred to within the hacking group as a pen tester, pleaded guilty in June 2020 to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

The dozens of members of FIN7 (also referred to as Carbanak Group and the Navigator Group, among other names) stole more than a billion dollars from hundreds of companies in the United States.  

Since at least 2015, the group used malware to hack into thousands of computer systems and exfiltrate millions of customer credit and debit card numbers. The stolen credentials were then either used by FIN7 or sold on to other cyber-criminals for profit. 

The group successfully breached the computer networks of businesses in all 50 states and the District of Columbia, stealing more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations.

Most of the companies targeted by FIN7 in the United States were in the restaurant, gambling and hospitality industries. Among the group's many victims were Chipotle Mexican Grill, Chili’s, Arby’s, Red Robin and Jason’s Deli. 

FIN7 also attacked companies in Australia, France and the United Kingdom. 

Explaining how the group's nefarious scheme operated, the Department of Justice stated: "FIN7 carefully crafted email messages that would appear legitimate to a business’s employees and accompanied emails with telephone calls intended to further legitimize the emails. 

"Once an attached file was opened and activated, FIN7 would use an adapted version of the Carbanak malware, in addition to an arsenal of other tools, to access and steal payment card data for the business’s customers."

Kolpakov was extradited from Spain to the United States on June 1, 2019. On Thursday, he was sentenced to seven years in prison and ordered to pay restitution of $2.5m. 

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply