Alleged FIN7 scammer Denys Iarmak is set to plead guilty

An alleged member of the FIN7 hacking group is set to plead guilty, admitting to a role in a criminal organization that used front companies and an array of fraud techniques to steal more than $1 billion from victims worldwide, CyberScoop has learned. Attorneys for Denys Iarmak, a Ukrainian national, have notified a federal court in Washington state that Iarmak intends to change his plea after he declared himself not guilty at a May 2020 arraignment hearing. While one defense counselor said Iarmak could change his mind before his next hearing, scheduled for Nov. 22, attorneys have agreed in principle to a plea deal with the U.S. Department of Justice. “That’s what’s most likely,” said defense attorney Michael Craig Nance, who is representing Iarmak in the Western District of Washington. “It’s not final until a person stands in court and says they’re guilty.” Iarmak was initially charged with a range of […]

The post Alleged FIN7 scammer Denys Iarmak is set to plead guilty appeared first on CyberScoop.


Cybercriminals are deploying legit security tools far more than before, researchers conclude

Financially motivated cybercriminals are increasingly turning to Cobalt Strike, a legitimate tool that cybersecurity professionals use to test system security, researchers at Proofpoint found. The cybersecurity firm declined to disclose specific numbers but reported a 161% increase in attacks using Cobalt Strike in 2020 compared to 2019. Proofpoint researchers have already seen tens of thousands of organizations targeted by the tool this year and expect those numbers to climb in 2021, according to the report the firm released Tuesday. Threat groups are able to get ahold of the tool from pirated versions circulating on the dark web, according to Sherrod DeGrippo, senior director of threat research and detection at Proofpoint. Cobalt Strike is a popular tool for security testing because of the variety of attacks it enables. Most notable among them is Cobalt Strike Beacon, a malware that allows hackers to mask their activity and communications with a system once it’s infiltrated. Russian hackers […]

The post Cybercriminals are deploying legit security tools far more than before, researchers conclude appeared first on CyberScoop.


FIN7 hacking gang’s “pen tester” jailed for seven years by US court

The Western District of Washington has sentenced a Ukrainian man to seven years in prison for his role in a hacking gang that is estimated to have caused more than one billion dollars worth of damage.

Read more in my article on the Hot for Security …

Andrii Kolpakov, who supervised hackers for FIN7, sentenced to 7 years in prison

A U.S. court on Thursday sentenced Andrii Kolpakov, a Ukrainian national, to seven years in prison for his role in the FIN7 gang. Kolpakov, 33, functioned as a supervisor for a small team of hackers who between 2016 and 2018 breached victims including Chipotle, Red Robin, Arby’s and other U.S. corporations. Victims experienced “enormous” losses, according to the Justice Department, that by some estimates have exceeded $1 billion. Kolpakov pleaded guilty in November 2020 and faced up to 25 years behind bars. Spanish police arrested him in 2018, ultimately extraditing him to the U.S. “During the course of the scheme, [Kolpakov] received compensation for his participation in FIN7, which far exceeds comparable legitimate employment in Ukraine,” the plea deal noted. “For the purposes of this plea agreement, the parties agree that — during [Kolpakov’s] participation in the malware scheme — FIN7 illegal activity resulted in over $100 million in losses […]

The post Andrii Kolpakov, who supervised hackers for FIN7, sentenced to 7 years in prison appeared first on CyberScoop.


FIN7 scammers posed as SEC officials, sick restaurant customers to hack victims

A hacking group known for innovative fraud techniques impersonated angry restaurant customers and targeted specific individuals with unique access to financial information, U.S. prosecutors argue in a court filing that sheds new light on the scammers’ work. The FIN7 gang, which researchers have blamed for more than $1 billion in theft since 2015, relied on more than 70 members who were assigned to various departments under the larger organization, according to court documents filed on June 17 in U.S. District Court in Seattle. By masquerading as a cybersecurity testing company dubbed Combi Security, FIN7 leaders organized their personnel into separate teams charged with developing malware, crafting phishing documents and collecting money from breached victims. The group targeted hundreds of U.S. companies, prosecutors say, infecting victims as diverse as the burrito chain Chipotle and the department store Saks Fifth Avenue. Court documents filed in the case of Andrii Kolpakov, who pleaded […]

The post FIN7 scammers posed as SEC officials, sick restaurant customers to hack victims appeared first on CyberScoop.


MITRE ATT&CK: Cybereason Dominates the Competition

The long-awaited 2020 MITRE ATT&CK evaluations are out! With the MITRE ATT&CK framework now being the standard by which Defenders can measure the effectiveness of various solutions in tracking adversary behavior, cyber vendors are cherry-p…

Sysadmin of fake cybersecurity company sentenced to jail after billion-dollar crime spree

A key member of the FIN7 cybercrime gang – which is said to have caused over one billion dollars worth of damage around the world – has been sentenced to 10 years in jail.

Read more in my article on the Hot for Security blog.

FIN7 ‘technical guru’ sentenced to 10 years in prison

A U.S. federal judge on Friday sentenced Fedir Hladyr to 10 years in prison for his alleged role as an administrator of the multibillion-dollar cybercrime group known as FIN7, which has breached hundreds of U.S. firms. The 10-year sentence includes three years Hladyr has already spent in detention since his arrest, and $2.5 million in restitution to be distributed to victims. FIN7 is one of the most formidable cybercriminal groups of the last decade, allegedly siphoning off millions of credit card numbers from restaurant and hospitality chains in 47 U.S. states. And Hladyr, a Ukrainian in his mid-30s, is allegedly a big reason that FIN7 operated like a well-oiled multinational corporation. Hladyr allegedly controlled an instant messaging service that the crime group used to upload stolen payment card data and screenshots from hacked financial firms. He also allegedly organized FIN7’s work through a project-tracking software that managed thousands of stolen usernames […]

The post FIN7 ‘technical guru’ sentenced to 10 years in prison appeared first on CyberScoop.


FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme

One of the ringleaders of FIN7, a global hacking crew accused of stealing more than $1 billion by posing as a cybersecurity vendor, has admitted his role in the scheme. Andrii Kolpakov pleaded guilty on Monday to conspiracy to commit wire and bank fraud and conspiracy to commit computer hacking as part of his involvement with FIN7. U.S. prosecutors had accused Kolpakov, a Ukrainian national, of working as a manager and recruiter for the crew, a role in which he hired and supervised computer specialists who spent their days stealing payment card information from dozens of companies, including Chipotle, Red Robin and Sonic Drive-In. “During the course of the scheme, [Kolpakov] received compensation for his participation in FIN7, which far exceeds comparable legitimate employment in Ukraine,” the plea deal notes. “For the purposes of this plea agreement, the parties agree that — during [Kolpakov’s] participation in the malware scheme — […]

The post FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme appeared first on CyberScoop.
