Western District of Washington

FIN7 ‘technical guru’ sentenced to 10 years in prison

Posted on April 16, 2021 by Sean Lyngaas

A U.S. federal judge on Friday sentenced Fedir Hladyr to 10 years in prison for his alleged role as an administrator of the multibillion-dollar cybercrime group known as FIN7, which has breached hundreds of U.S. firms. The 10-year sentence includes three years Hladyr has already spent in detention since his arrest, and $2.5 million in restitution to be distributed to victims. FIN7 is one of the most formidable cybercriminal groups of the last decade, allegedly siphoning off millions of credit card numbers from restaurant and hospitality chains in 47 U.S. states. And Hladyr, a Ukrainian in his mid-30s, is allegedly a big reason that FIN7 operated like a well-oiled multinational corporation. Hladyr allegedly controlled an instant messaging service that the crime group used to upload stolen payment card data and screenshots from hacked financial firms. He also allegedly organized FIN7’s work through a project-tracking software that managed thousands of stolen usernames […]

The post FIN7 ‘technical guru’ sentenced to 10 years in prison appeared first on CyberScoop.

Continue reading FIN7 ‘technical guru’ sentenced to 10 years in prison→

California man gets 3 years in prison for hacking Nintendo, collecting child pornography

Posted on December 1, 2020 by Sean Lyngaas

A 21-year-old California man has been sentenced to three years in prison and seven years of supervised release for a hacking scheme that stole proprietary Nintendo information, and for possessing child pornography. The defendant, Ryan Hernandez, will also have to pay more than $259,000 to remediate damages he allegedly caused Nintendo, U.S. prosecutors in the Western District of Washington announced Tuesday. The sentencing comes four years after Hernandez first got in trouble with the law for alleged hacking. In 2016, as a teenager, Hernandez and an unnamed associate stole login credentials from a Nintendo employee that were used to access files on Nintendo consoles and games, according to prosecutors. FBI agents visited Hernandez and his parents, and Hernandez pledged not to engage in anymore malicious online activity, the Justice Department said in a press release. But Hernandez went on to hack multiple Nintendo servers and steal internal data on popular […]

The post California man gets 3 years in prison for hacking Nintendo, collecting child pornography appeared first on CyberScoop.

Continue reading California man gets 3 years in prison for hacking Nintendo, collecting child pornography→

FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme

Posted on November 17, 2020 by Jeff Stone

One of the ringleaders of FIN7, a global hacking crew accused of stealing more than $1 billion by posing as a cybersecurity vendor, has admitted his role in the scheme. Andrii Kolpakov pleaded guilty on Monday to conspiracy to commit wire and bank fraud and conspiracy to commit computer hacking as part of his involvement with FIN7. U.S. prosecutors had accused Kolpakov, a Ukrainian national, of working as a manager and recruiter for the crew, a role in which he hired and supervised computer specialists who spent their days stealing payment card information from dozens of companies, including Chipotle, Red Robin and Sonic Drive-In. “During the course of the scheme, [Kolpakov] received compensation for his participation in FIN7, which far exceeds comparable legitimate employment in Ukraine,” the plea deal notes. “For the purposes of this plea agreement, the parties agree that — during [Kolpakov’s] participation in the malware scheme — […]

The post FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme appeared first on CyberScoop.

Continue reading FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme→

US arrests suspected hackers accused of video game piracy

Posted on October 5, 2020 by Joe Warminsky

The alleged leaders of an international video game piracy group apparently didn’t do enough to protect their scheme from the prying eyes of the feds. The Department of Justice says two men have been arrested on felony charges of helping run Team Xecuter, which sold modification kits and other tools that allowed users of the Nintendo Switch and other gaming devices to play pirated versions of games. The federal indictment charges Canadian national Gary Bowser, French national Max Louarn and Chinese national Yuanning Chen with 11 counts of wire fraud, conspiracy to commit wire fraud and money laundering in connection with Team Xecuter. The indictment does not link the three men to any other hacking groups. In many ways, though, the Justice Department’s approach to charging them mirrors other recent efforts to accuse and apprehend foreigners in cybercrime cases involving financial fraud or cyber-espionage. Team Xecuter, which claims to have been […]

The post US arrests suspected hackers accused of video game piracy appeared first on CyberScoop.

Continue reading US arrests suspected hackers accused of video game piracy→

Feds indict ‘fxmsp’ in connection with million-dollar hacking operation

Posted on July 7, 2020 by Jeff Stone

The U.S. Department of Justice has charged a man with hacking-related crimes as part of an investigation into a group of foreign scammers accused of targeting more than 300 organizations throughout the world. Prosecutors in the Western District of Washington charged Andrey Turchin, who resides in Kazakhstan, with five felony counts in connection with a year-long fraud effort. Last known to be in Kazakhstan, Turchin allegedly sold remote access hacking tools on cybercriminal forums, typically charging tens of thousands of dollars for access to data that would cost victims tens of millions of dollars. Turchin went by a series of aliases, including “fxmsp,” according to the Justice Department. He was initially charged in December 2018, though the indictment was kept under seal until Tuesday, one month after security vendor Group-IB released its own research documenting the work of a hacker known by the “fxmsp” alias. “U.S. authorities have reason to […]

The post Feds indict ‘fxmsp’ in connection with million-dollar hacking operation appeared first on CyberScoop.

Continue reading Feds indict ‘fxmsp’ in connection with million-dollar hacking operation→

Alleged Capital One hacker Paige Thompson to be released before trial

Posted on November 5, 2019 by Jeff Stone

Paige Thompson will be free to move throughout the Seattle area before her case goes to trial. The accused Capital One hacker is scheduled to be released from jail Tuesday after a judge determined the 33-year-old defendant does not pose enough of a threat to the community to warrant her incarceration. Thompson, who is transgender, was arrested in July for allegedly hacking Capital One to access information about 106 million people, and has been held in a men’s detention center in Seattle in the months since. U.S. District Judge Robert Lasnik previously told attorneys he was “very concerned” about whether Thompson would receive adequate mental health treatment from the Bureau of Prisons, citing previous cases in which trans inmates have resorted to self-harm behind bars. The former Amazon Web Services software engineer is charged with computer fraud and abuse and wire fraud in connection with a breach at Capital One. Prosecutors say […]

The post Alleged Capital One hacker Paige Thompson to be released before trial appeared first on CyberScoop.

Continue reading Alleged Capital One hacker Paige Thompson to be released before trial→

Accused Capital One hacker had as much as 30 terabytes of stolen data, feds say

Posted on October 16, 2019 by Jeff Stone

Investigators probing the Capital One data breach say they have between 20 and 30 terabytes of data in their possession as they prepare for trial against the alleged hacker, Paige Thompson, according to court documents obtained by CyberScoop. The government now is parsing through millions of individual files, prosecutors said, as well as a spreadsheet agents say they found recently on Thompson’s computer, which contains aggregated information apparently stolen from Capital One. “[B]asically, each line is one credit card applicant and information about that person,” Assistant U.S. Attorney Andrew Friedman told a federal court during a detention hearing Oct. 4. “Some of it is coded information that means nothing to us, like what particular offer they received; some of it … is the names and dates of birth and the last four digits of Social Security numbers and things like that. … It’s hard to know exactly what this is.” Friedman […]

The post Accused Capital One hacker had as much as 30 terabytes of stolen data, feds say appeared first on CyberScoop.

Continue reading Accused Capital One hacker had as much as 30 terabytes of stolen data, feds say→

FIN7’s IT admin pleads guilty for role in billion-dollar cybercrime crew

Posted on September 11, 2019 by Jeff Stone

An accused operator of the FIN7 hacking collective pleaded guilty on Wednesday to charges in connection with working as the administrator of the group that researchers have suggested stole more than $1 billion from victims worldwide. Fedir Hladyr, 34, appeared in a courtroom in the Western District of Washington to plead guilty to wire fraud and conspiracy to commit computer hacking as part of a deal with prosecutors that will result in a prison sentence of no more than 25 years, according to his defense attorney. Hladyr was arrested in Dresden, Germany in January 2018 and accused of working as an administrator for the FIN7 group who maintained servers and delegated responsibilities throughout the international hacking crew, among other duties. He is the first member of the group to be found guilty of hacking-related crimes in U.S. court. The case marks a significant win for the Department of Justice, which […]

The post FIN7’s IT admin pleads guilty for role in billion-dollar cybercrime crew appeared first on CyberScoop.

Continue reading FIN7’s IT admin pleads guilty for role in billion-dollar cybercrime crew→

Accused Capital One hacker pleads not guilty to all charges

Posted on September 5, 2019 by Jeff Stone

Paige Thompson has pleaded not guilty to all charges in connection with a data breach at Capital One that resulted in the compromise of information about roughly 106 million people. Thompson appeared in Western District of Washington federal court on Thursday for the first time after she was arrested on July 29 on charges related to the Capital One hack. A federal grand jury previously had indicted Thompson on two criminal counts, wire fraud and computer fraud and abuse, for which she could be sentenced to up to 25 years in prison if convicted. Upon being advised of her charges and pleading not guilty Thursday, Thompson was taken back into custody. A jury trial is scheduled to begin Nov. 4. Thompson, a software engineer, formerly worked for AWS, the cloud computing giant on which Capital One relies to store sensitive data. She allegedly built a customer scanning software that searched […]

The post Accused Capital One hacker pleads not guilty to all charges appeared first on CyberScoop.

Continue reading Accused Capital One hacker pleads not guilty to all charges→

Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking

Posted on August 29, 2019 by Jeff Stone

A federal grand jury indicted Paige Thompson, the accused Capital One hacker, in connection with allegations that she accessed data on more than 30 companies and used that illicit access to generate cryptocurrency, the Department of Justice said Wednesday. Thompson was arrested on July 29 on suspicion of hacking into the bank’s systems and accessing data on roughly 106 million people. The indictment this week reiterates many of the allegations laid out in last month’s FBI complaint against Thompson, adding accusations that she obtained sensitive data from companies outside Capital One, including an unnamed university and a telecommunications firm. Federal attorneys from the Western District of Washington also say Thompson, upon breaching victim organizations, leveraged their computing power to mine for cryptocurrency, an activity known as cryptojacking. Thompson, 33, is a Seattle-based software engineer who formerly worked for Amazon Web Services, the cloud computing giant on which Capital One relies to […]

The post Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking appeared first on CyberScoop.

Continue reading Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking→