US charges Ukrainian hackers over malware campaign
August 2, 2018
The US Justice Department on Wednesday said three Ukrainians have been arrested for hacking scores of companies in the US and stealing millions of credit and debit card records.
One of the three defendants was arrested in Dresden, Germany and transferred to Seattle, US under an extradition request. The three men formed part of a major international cybercrime group called FIN7.
"Since at least 2015, FIN7 members engaged in a highly sophisticated malware campaign targeting more than 100 US companies, predominantly in the restaurant, gaming and hospitality industries," the Justice Department said in a statement.
"FIN7 hacked into thousands of computer systems and stole millions of customer credit and debit card numbers, which the group used or sold for profit."
Sophisticated attacks
According to court documents, the defendants used a front company called "Combi Security" to infiltrate US companies.
Claiming to have offices in Moscow, Haifa and Odessa, the front company would reach out to potential targets and dupe employees into opening malware.
"They often accompanied emails with phone calls to employees to get them to open the attachments sent in emails. Of course, if they opened the attachment, that would deploy the malware onto the victim company's computer systems," said FBI Special Agent Jay Tabb.
Companies targeted by FIN7 include Chili's, Chipotle Mexican Grill and Red Robin, among others.
'Decades in jail'
Arkady Bukh, a lawyer representing FIN7's systems administrator Fedir Hladyr, said his client has pleaded not guilty and denies any wrongdoing.
"The charges are very serious and my client may be facing decades in jail if convicted," said Bukh. "There is no clear decision at this time whether (we) will go to trial or will consider a plea."
Europol has warned that cybercriminals are becoming increasingly "more aggressive." While cybercriminals have traditionally targeted financial records, "data more generally" has also become a key target.
ls/rt (Reuters, AFP, AP)