Feds Accuse Three Hackers of Stealing 15 Million Credit Cards in 100 Security Breaches

The US Department of Justice announced the indictment of three alleged members of the infamous financial hacking group known as Carbanak or FIN7.

|
Aug 1 2018, 5:52pm

Image: Shutterstock

US prosecutors announced it has indicted three hackers accused of being part of an infamous criminal gang that has allegedly stolen more than $1 billion over the last five years.

In a press release Wednesday, the US Department of Justice said that Dmytro Fedorov, 44, Fedir Hladyr, 33, and Andrii Kopakov, 30, all from Ukraine, targeted more than 100 U.S. companies, including restaurant chains Chipotle, Chili’s, and Arby’s and were part of a group known as Carbanak or FIN7.

The criminals stole more than 15 million credit cards from 3,600 locations using malware they sent via phishing emails, according to the authorities. Their arrest, said U.S. Attorney Annette Hayes, is just the beginning, and law enforcement agencies are still investigating the group.

“We have no illusions that we’ve taken this group down altogether but but we have made a significant impact,” Hayes said.

Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzo@motherboard.tv

The three hackers were arrested last year. Hladyr was caught in Dresden, Germany, and is awaiting trial in Seattle. Fedorov, who was arrested in Poland, and Kolpakov, who was arrested in Spain, are not in the US yet, as the US government is attempting to extradite them.

Carbanak was first discovered by Russian cybersecurity firm Kaspersky Lab in 2014. The group’s activities have been documented over the years by several other firms, such as FireEye and Proofpoint.

FireEye published a report minutes after the announcement of the indictments detailing some of the hacking group’s activities.

In a statement emailed to reporters, Kimberly Goody, the manager of financial crime analysis at FireEye said Carbanak’s hackers showed “exceptional social engineering savvy and innovative methods to evade detection” over the years.

Kaspersky Lab said in a statement that the Carbanak group "was the first to apply to common financial crime the kind of highly sophisticated tools, techniques and processes normally associated with nation-state backed threat actors."

"It learned from these advanced groups how to stay under the radar while amassing a fortune," the statement read.

This story has been updated to include a statement from Kaspersky Lab.

Solve Motherboard’s weekly, internet-themed crossword puzzle: Solve the Internet.