Fin7 sysadmin gets 10-year sentence in US hacking case

The notorious cyber gang has targeted thousands of businesses including restaurants, retailers and gambling firms since emerging in 2014

A sysadmin for the notorious FIN7 cyber crime group has been sentenced to 10 years in US prison for his involvement in financial crimes that caused "over a billion dollars in losses to Americans and costs to the US economy".

According to the US Justice Department, Ukrainian national Fedir Hladyr was manager and sysadmin for FIN7 group (aka Carbanak, Anunak or Navigator Group) and pleaded guilty to participating in the hacking operations.

He was arrested in Dresden, Germany in 2018 and later extradited to Seattle, Washington. He was sentenced in the Western District of Washington on 16 April.

As per court documents, 35-year-old Hladyr originally joined Fin7 gang via a front company called Combi Security - a bogus company that posed as a penetration testing company to recruit hackers. The firm had a website but no legitimate clients.

According to the Justice Department, Hladyr confessed in his plea agreement that after joining Combi Security, he soon realised that it was not a genuine firm and was engaged in cyber crime. But Hladyr continued to serve Fin7 as sysadmin, playing an important role in managing hacking operations for the group.

His main responsibilities included aggregating stolen payment card details, overseeing Fin7's hackers, and maintaining servers that were used by gang members to attack victims' machines.

He also controlled the encrypted channels of communication for the group.

Hladyr originally faced 26 criminal counts but in 2019, he pleaded guilty to one count of conspiracy to commit computer hacking and one count of conspiracy to commit wire fraud. He also agreed to pay $2.5 million in restitution.

The Fin7 group, which has been active since 2014, has breached computer networks in all 50 US states and the District of Columbia, stealing details of over 20 million credit cards.

In the past five years, the gang has targeted thousands of businesses including restaurants, retailers, and gambling firms in more than 40 countries, stealing records of over 20 million customer cards. Cyber security experts believe that Fin7 has stolen more than $1 billion from multiple organisations in the past five years.

Saks Fifth Avenue and Lord & Taylor are among the high-profile targets of Fin7.

"The defendant and his conspirators compromised millions of financial accounts and caused over a billion dollars in losses to Americans and costs to the US economy," said acting assistant attorney general Nicholas L. McQuaid of the Justice Department's Criminal Division.

In 2018, the US Department of Justice had announced the arrest of two other members of Fin7 group - Dmytro Fedorov (44) and Andrii Kopakov (30).

Last year, one more member of the group was arrested by federal officers for his alleged involvement in cyber campaigns run by Fin7. Ukrainian national named Denys Iarmak was arrested from Seattle following his extradition from Thailand.

Chat logs dating from 2017 suggested that Iarmak provided a member of Fin7 with user credentials for a compromised US enterprise. He was charged with conspiracy to commit wire and bank fraud, access device fraud, and intentional damage to a protected computer.