Cyber security news for all

More

    Feds Arrest Member of Fin7, Group Tied to a Billion Dollars Worth of Hacks

    Authorities are one step closer to curbing the notorious hacking crew- Fin7; which has pulled in as much as a billion dollars worth of illegal revenue, as authorities have arrested an alleged member

    This arrest follows previous ones made in 2018 by the Justice Department (U.S.) when they arrested three Ukrainians for their roles as I.T. administrators in Fin7. Of the arrested three, one, Fedir Hladyr, pleaded guilty to the accusations.

    Seamus Hughes, deputy director of the program on extremism at George Washington University, discovered and shared the court docket with journalists. The unsealed court records listed the criminal pattern and relevant information about the criminal activities of the infamous group. From the records:

    • The group’s M.O. involves sending spoof emails to unsuspecting people who install the malware, giving access to their system. The stolen credit cards ended up on Joker’s Stash (a cybercriminal marketplace). The group also targeted public enterprises like Whole Food, Trump’s Place, Jason Deli, Arby’s, and casinos.
    • The arrested Ukrainian, Denys Iarmak, who also went by GakTus, was extradited from Thailand.

    Complaints

    The complaint laid against Iarmak reads, “Like other members of the group, IARMAK provided his true name to receive payment for his work in furtherance of the group.” It also adds, “in chat logs dating from 2017, Iarmak provided another member of Fin7 with user credentials for a compromised U.S. business as well as internal system information from a target.”

    In a censored version of the November 2019 complaints against Iarmak, FBI Special Agent Briana L. Neumiller wrote, “the hacking group remains incredibly active.”

     

    The group is professional and has an organized administrative system that monitors its I.T. infrastructure. They employ the use of sophisticated apps, like Hipchat and JIRA, for interviews and also flagging issues to one another. One of the techniques used allows the group to determine if an A.V product detects their malware as malicious. To lend credence to his organization, Iarmak contracted a cybersecurity firm to develop an antivirus program; and even created fake penetration testing companies, all to make the organization look legit.

     

     

    Recent Articles

    Manchester United have been blackmailed by cyber attackers

    The Premier League club Manchester UnitedĀ fell victim to a cyber attack according to the Daily Mail. The cyber criminals are apparently demanding ransom in...

    TikTok has fixed a serious security gap issue

    TikTok accounts paid a researcher a reward of 4000 dollars after he reported two vulnerabilities as part of a disclosure. A combination of both...

    Passwords should be changed for Fortinet VPNs

    Administrators should change the access for Fortinet VPNs in use. Log-in information for almost 50,000 VPN networks has appeared in various cyber blogs. A security...

    Twitter confirmed to bring back account verification

    Twitter is bringing back verifications for the account verification in the beginning of 2021. Certain users will then be given a control mark again,...

    350,000 Spotify users were hacked

    At the beginning of July this year, security researchers discovered an unsecured database that contained access and other information from 350,000 Spotify users. Spotify...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox