Denys Iarmak, a Ukrainian member of and “pentester” for the financially motivated hacking group FIN7, was sentenced Thursday to 5 years in prison for breaching victims’ networks and stealing credit card information for about two years, between November 2016 and November 2018.
He has been in custody since his November 2019 arrest in Bangkok, Thailand, and was extradited to the US in May 2020.
Iarmak pleaded guilty to counts of conspiracy to commit wire fraud and computer hacking in November 2021.
Iarmak is the third FIN7 member convicted in the US, after Fedir Hladyr (a senior manager) was sentenced to ten years in prison on April 16, 2021, and Andrii Kolpakov (another “pentester”) to seven years on June 24, 2021, after their arrest in 2018.
According to the indictment, he and his cybercrime conspirators caused more than $1 billion in losses for Americans after compromising millions of financial accounts and the computer networks of hundreds of US companies.
“Mr. Iarmak was directly involved in designing phishing emails that were embedded with malware, penetrating victim networks and extracting data such as payment card information,” said US attorney Nicholas W. Brown.
“To make matters worse, he continued his work for the criminal enterprise FIN7 even after the arrests and prosecution of co-conspirators.”
Some victims of Iarmak
Impersonating a Legitimate Business
FIN7 pretended to be a legitimate company while recruiting new members, as shown by Iarmak’s use of legitimate project management software (such as Atlassian JIRA) to coordinate FIN7’s malicious activities and manage network intrusions.
Using such tools, he provided guidance and tracked the progress of FIN7 members as they breached their targets’ networks and uploaded the stolen data to the cybercrime gang’s servers.
“The hacking group he belonged to, disguised as a legitimate company, was recruiting other members to assist in their criminal activities,” added FBI special agent Donald M. Voiret.
“Thanks to the hard work of law enforcement, this defendant, who is responsible for a huge loss, will spend the next few years in prison.”
FIN7 now uses teddy bears and malicious USB flash drives
Since the financially motivated hacking group FIN7 was first spotted in mid-2015, it has mainly targeted banks and point-of-sale (PoS) terminals of European and American companies from various industry sectors (mainly restaurants, gambling and hospitality) using the multi-functional Carbanak backdoor.
Although some FIN7 members have been arrested over the years, the cybercrime group is still active and has since switched to using other malware types and tactics.
In January, the FBI warned US companies for the second time about USB drive-by attacks, coordinated by FIN7, targeting the US defense industry with packages containing malicious USB devices that deploy ransomware.
Two years ago, FIN7 operators also impersonated Best Buy as they shipped similar packages of malicious flash drives via USPS to hotels, restaurants and retail outlets. These packages also contained teddy bears to trick the targets into lowering their guard.
This post, “FIN7 hacking group ‘pentester’ sentenced to 5 years in prison”, was originally published at https://www.bleepingcomputer.com/news/security/fin7-hacking-group-pen-tester-sentenced-to-5-years-in-prison/