Suspected members of the cybercrime gang FIN7 (also known as Carbanak and JokerStash and suspected of targeting more than 100 organizations in the US and others around the globe) were arrested by the Department of Justice (DOJ) on Wednesday, August 1, 2018.
Ukrainian nationals Dmytro Fedorov, 44; Fedir Hladyr, 33 and Andrii Kolpakov, 30, are in custody, charged with 26 felony counts of alleged conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. The charges were filed in Seattle’s US District Court, according to news from the DOJ. The gang is suspected of being involved in a malware campaign targeting hundreds of companies, including Chipotle Mexican Grill, Chili’s and Arby’s.
“FIN7 successfully breached the computer networks of companies in 47 states and the District of Columbia, stealing more than 15 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations,” the DOJ wrote.
Kaspersky Lab have long been tracking the Carbanak threat. In 2014, Kaspersky researchers observed that Carbanak was the first to apply to common financial crime the highly sophisticated tools, techniques and processes normally associated with nation-state-backed threat actors.
“Following the publication of our findings, the gang did not disband and disappear as many others do; it stayed and in fact extended its activities,” Kaspersky Lab wrote in an email. “Our research shows that, over time, Carbanak turned into an umbrella for a range of cyber-criminal activities all sharing the same purpose of illicit financial gain. We believe that the kind of active international cooperation that led to these arrests is the key to catching and stopping the most sophisticated cyber-threats.”
The arrest of the Ukrainian nationals tied to the FIN7 cybercrime group is significant, said Illumio's head of cybersecurity strategy, Jonathan Reiber. “It shows how hard work and international law enforcement cooperation leads to real results. German, Polish, and Spanish law enforcement agencies worked together to bring these criminals to justice. Cyber-space may be comprised of darknets and bits and bytes, but leadership, detective work and alliance cooperation are what bring down criminal organizations.”