Hacker who stole 15 million payment cards, hacked 3,600 businesses finally arrested

Cyber security solutions specialists report that the Federal Bureau of Investigation (FBI) arrested an alleged member of FIN7, a well-known hacker group specializing in the theft of financial information that has stolen millions of payment cards and other similar details since it was first detected in 2015.

According to documents filed at U.S. District Court for Western Seattle, Denys Iarmak, a Ukrainian citizen, was arrested in Thailand and extradited by U.S. authorities last Friday. Iarmak is the fourth individual linked to this hacking group to be arrested within the last two years.

A key element of FIN7’s activity has been the creation of a phantom company called Combi Security, which offered supposed cybersecurity services. This company “hired” various programmers for alleged pentesting projects, which were actually cyberattack campaigns. Iarmak was recruited this way by FIN7.

Law enforcement agencies say that Iarmak managed to extract a large amount of stolen information from the leaders of the cybercriminal group. In addition, as evidence, the authorities filed multiple communications between the hacker and other alleged FIN7 members using the Jabber messaging protocol.

Cyber security solutions specialists note that Iarmak faces multiple charges, including electronic fraud, conspiracy to commit electronic fraud, conspiracy to commit bank fraud, aggravated identity theft, unauthorized access to protected computer equipment, and intentional damage to protected computer equipment, among others.

The criminal organization FIN7 (also known as Carbanak or Navigator) is a group of financially motivated hackers who resort mostly to sending phishing emails loaded with malware hidden in Word documents or PDFs. According to court documents, the malware used by FIN7 fulfilled various functions to extract information from payment cards. One of the main attack vectors employed by these hackers is obtaining card data through attacks on restaurants, casinos and hotels, among other businesses.

According to estimates from IT security service specialists, FIN7 has stolen information from more than 15 million payment cards and attacked at least 6,500 point-of-sale terminals worldwide, resulting in losses of millions of dollars for all those affected.

The International Institute of Cyber Security (IICS) notes that the other arrested individuals linked to FIN7 are Dmytro Fedorov, Andrii Kolpakov and Fedir Hladyr. Fedorov was arrested in Poland, while Hladyr and Kolpakov were arrested in Spain in mid-2018. At the moment his trial is interrupted, although it is only a matter of time before the hackers learn their sentences.