
    Feds Arrest Member of Fin7, Group Tied to a Billion Dollars Worth of Hacks

    Authorities are one step closer to curbing the notorious hacking crew Fin7, which has pulled in as much as a billion dollars' worth of illegal revenue, having arrested an alleged member.

    This arrest follows previous ones made in 2018 by the U.S. Justice Department, which arrested three Ukrainians for their roles as I.T. administrators in Fin7. Of the three arrested, one, Fedir Hladyr, pleaded guilty to the accusations.

    Seamus Hughes, deputy director of the program on extremism at George Washington University, discovered and shared the court docket with journalists. The unsealed court records listed the criminal pattern and relevant information about the criminal activities of the infamous group. From the records:

    • The group’s M.O. involves sending spoofed emails to unsuspecting people, who install the malware and thereby give the group access to their systems. The stolen credit cards ended up on Joker’s Stash (a cybercriminal marketplace). The group also targeted public enterprises like Whole Foods, Trump’s Place, Jason’s Deli, Arby’s, and casinos.
    • The arrested Ukrainian, Denys Iarmak, who also went by GakTus, was extradited from Thailand.

    Complaints

    The complaint laid against Iarmak reads, “Like other members of the group, IARMAK provided his true name to receive payment for his work in furtherance of the group.” It also adds, “in chat logs dating from 2017, Iarmak provided another member of Fin7 with user credentials for a compromised U.S. business as well as internal system information from a target.”

    In a censored version of the November 2019 complaint against Iarmak, FBI Special Agent Briana L. Neumiller wrote, “the hacking group remains incredibly active.”

    The group is professional and has an organized administrative system that monitors its I.T. infrastructure. They use sophisticated apps, like HipChat and JIRA, for interviews and for flagging issues to one another. One of the techniques used allows the group to determine whether an antivirus (AV) product detects their malware as malicious. To lend credence to his organization, Iarmak contracted a cybersecurity firm to develop an antivirus program and even created fake penetration testing companies, all to make the organization look legitimate.
