FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme

One of the ringleaders of FIN7, a global hacking crew accused of stealing more than $1 billion by posing as a cybersecurity vendor, has admitted his role in the scheme. Andrii Kolpakov pleaded guilty on Monday to conspiracy to commit wire and bank fraud and conspiracy to commit computer hacking as part of his involvement with FIN7. U.S. prosecutors had accused Kolpakov, a Ukrainian national, of working as a manager and recruiter for the crew, a role in which he hired and supervised computer specialists who spent their days stealing payment card information from dozens of companies, including Chipotle, Red Robin and Sonic Drive-In. “During the course of the scheme, [Kolpakov] received compensation for his participation in FIN7, which far exceeds comparable legitimate employment in Ukraine,” the plea deal notes. “For the purposes of this plea agreement, the parties agree that — during [Kolpakov’s] participation in the malware scheme — […]

The post FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme appeared first on CyberScoop.

Continue reading FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme

Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic

Professional hackers who already try to hide their activity through an array of technical means now seem to be trying on more corporate disguises, by creating front companies or working as government contractors to boost their legitimacy. U.S. law enforcement in September accused hackers based in Iran and China of conducting global espionage operations while appearing to exist as otherwise innocuous technology firms. While the public nature of the charges are proof the efforts weren’t entirely successful, the tactic marks an evolution of the use of dummy corporations since a group of financial scammers stole a reported $1 billion by posing as a cybersecurity testing firm. “It just makes it harder to figure out who’s doing what, and what are their motivations,” John Demers, the U.S. assistant attorney general for national security, said of the apparent motivation in a recent interview. “For a company that’s suffered a breach, it may […]

The post Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic appeared first on CyberScoop.

Continue reading Foreign spies use front companies to disguise their hacking, borrowing an old camouflage tactic

Hushpuppi and Mr.Woodbery, BEC scammers: Welcome to Chicago!

There are quite a few West African scammers who try to explain away their wealth by claiming they are a “bitcoin entrepreneur” or “real estate investor” when in fact they conduct Business Email Compromise scams against American companies, and Romance S… Continue reading Hushpuppi and Mr.Woodbery, BEC scammers: Welcome to Chicago!

FBI Officials Arrest Another Alleged FIN7 Gang Member

According to newly released court documents, Ukrainian national Denys Iarmak has been arrested for alleged involvement in the malicious cyber campaigns run by the infamous hacking group FIN7. Among others, Iarmak has been charged with conspiracy to com… Continue reading FBI Officials Arrest Another Alleged FIN7 Gang Member

Federal officials have arrested another accused FIN7 hacker

A Ukrainian national was arrested last week in Seattle for his alleged involvement in hacking operations run by FIN7, a syndicate known for stealing approximately $1 billion from its victims in the United States. According to court documents obtained by CyberScoop, Denys Iarmak has been charged with conspiracy to commit computer hacking, accessing a protected computer to commit fraud, intentional damage to a protected computer, access device fraud, conspiracy to commit wire and bank fraud, wire fraud, and aggravated identity theft. The arrest is a significant move against financially motivated FIN7, which has targeted the hospitality and gaming industries in the last several years.  FIN7 has gone after restaurants including Chipotle, Red Robin, Taco John, as well as a credit union and a casino. According to the court documents, Iarmak was part of a scheme where operators allegedly ran spearphishing campaigns to gain unauthorized access to victim computers, deploy malware, conduct […]

The post Federal officials have arrested another accused FIN7 hacker appeared first on CyberScoop.

Continue reading Federal officials have arrested another accused FIN7 hacker

Hackers sending malware infected USBs with Best Buy Gift Cards

By Waqas
Researchers maintain that this USB drive is an Arduino microcontroller ATMEGA32U4 and infected with GRIFFON malware.
This is a post from HackRead.com Read the original post: Hackers sending malware infected USBs with Best Buy Gift Cards
Continue reading Hackers sending malware infected USBs with Best Buy Gift Cards

Malware from notorious FIN7 group is being delivered by snail mail

While hackers all over the world rely on emails and text messages to breach networks, one infamous criminal group appears to be turning to the mailman to deliver their malicious code. Malware authored by FIN7, which researchers say has stolen over $1 billion in recent years, has been delivered by the U.S. Postal Service to multiple organizations in recent months, according to security company FireEye. The code comes on USB sticks that, once inserted into a computer, install a “backdoor,” called Griffon, capable of stealing sensitive information. The malicious code, which multiple security companies have attributed to FIN7, burrows into the target computer and beacons back to the group for further instructions. How many of the USB deliveries led to network breaches remains unclear. The hacking attempts raise questions about how a group thought to be based in Eastern Europe, and one that U.S. officials have hunted for years, has been […]

The post Malware from notorious FIN7 group is being delivered by snail mail appeared first on CyberScoop.

Continue reading Malware from notorious FIN7 group is being delivered by snail mail

Can software vendors block a notorious criminal group’s attacks? MITRE wants to find out

The Eastern European hacking group FIN7 has stolen an estimated $1 billion in recent years by sweeping up payment card data processed by hotels and other organizations. The fortune amassed by FIN7, despite the arrest of some of its senior members, has made it one of the most potent criminal threats to organizations around the world. Changes the group has made to its hacking tools in recent months have meant more breaches, and likely more money, for FIN7. Now, a U.S. government-funded organization is trying to put a dent in FIN7 hacks by evaluating the group’s attack techniques against widely used cybersecurity software. Vendors will be assessed on their ability to block FIN7-like intrusions and, with the results made public next year, hopefully improve their products. While FIN7 is the subject of the evaluation, the attack techniques tested will “be applicable across a broad spectrum of adversaries,” said Frank Duff, […]

The post Can software vendors block a notorious criminal group’s attacks? MITRE wants to find out appeared first on CyberScoop.

Continue reading Can software vendors block a notorious criminal group’s attacks? MITRE wants to find out