Pen Tester FIN7 Hacking Group Member Lands Seven-year Prison Term
A "high-level" member of FIN7 has been sentenced to a seven-year term for his role in the cybercriminal group.
On Thursday, the US Department of Justice (DoJ) named Andrii Kolpakov, a 33-year-old from Ukraine, as a past member of FIN7 who served as an attacker internally referenced as a penetration tester.
According to US prosecutors, Kolpakov was involved in FIN7 from at least April 2016 until his arrest in June 2018, when he was picked up by law enforcement in Spain and extradited to the United States a year later.
The former hacker managed teams of attackers responsible for compromising the security of target systems, including businesses in the US.
FIN7, also sometimes referred to as Carbanak, specialized in the theft and sale of consumer records from Point-of-Sale (PoS) systems from companies. Malware used by the group would be used to harvest payment card details that were then used to conduct fraudulent transactions or were sold on.
One common attack method employed by FIN7 was Business Email Compromise (BEC), in which phishing emails were sent to employees of a target company containing a malicious file. This attachment contained a variant of the Carbanak malware.
The DoJ estimates that in the US alone, over 6,500 PoS systems at more than 3,600 business locations were infiltrated by FIN7, leading to the theft of tens of millions of debit and credit cards, as well costs of over $1 billion that had to be shouldered by victims.
Additionally, the threat actors have been connected to attacks against organizations in Australia, France, and the United Kingdom.
When it comes to Kolpakov's earnings, prosecutors claim that his pay "far exceeded comparable legitimate employment in Ukraine."
"Moreover, FIN7 members, including Kolpakov, were aware of reported arrests of other FIN7 members, but nevertheless continued to attack US businesses," the DoJ added.
In June 2020, Kolpakov pleaded guilty to one count of conspiracy to commit wire fraud and a further count of conspiracy to commit computer hacking. He has now been sentenced to seven years in prison and has been ordered to pay $2.5 million in restitution.
Europol and the DoJ have both been involved in multiple FIN7 arrests. In April, another Ukrainian national, Fedir Hladyr, was sentenced to 10 years behind bars for acting as a FIN7 systems administrator.
Previous and related coverage
- 'High-level' organizer of FIN7 hacking group sentenced to 10 years in prison
- Global threat group Fin7 returns with new SQLRat malware
- DOJ arrests three Ukrainian nationals from Fin7 cybercrime group
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0
Riding The Wave: The Evolution Of Fintech Investment Strategies
The fintech industry has experienced unprecedented growth in recent years, captivating the attention of investors worldw... Read more
How Fintech Is Revolutionizing Traditional Banking
How fintech is revolutionizing traditional banking is a topic that is garnering positive and immense discourse within th... Read more
Blockchain And Its Impact On Fintech Industry
Blockchain and its impact on Fintech Industry has become a hot topic in the current digital era. The amalgamation of blo... Read more
The Rise Of Fintech In The Digital Era
In the heart of the digital revolution, we've observed a term termed as "fintech" creating a substantial and transformat... Read more
Role Of Fintech In Transforming Retail Banking
The role of fintech in transforming retail banking is producing significant changes in the financial services industry. ... Read more
Fintech Innovations In Asset Management
Financial technology, or FinTech, refers to the blending of financial services with technology. The importance of FinTec... Read more