A Ukrainian national was sentenced on Thursday to five years in prison in the United States for his role in the infamous FIN7 hacking group.
The man, Denys Iarmak, 32, was a high-level hacker within FIN7, also referred to as a “pen tester,” working with the cyber gang between November 2016 and November 2018, documents presented in court show.
Iarmak was arrested in Bangkok, Thailand, in November 2019. He was transferred to US custody in May 2020 and pleaded guilty in November 2021 to conspiracy to commit wire fraud and computer hacking.
The FIN7 group, which continues to evolve despite arrests, is said to have stolen more than 20 million card records from organizations in the US, causing estimated losses of more than $1 billion dollars.
Also referred to as Carbanak and Anunak, FIN7 is suspected of launching malware campaigns against hundreds of organizations in the US and abroad, including those in the gambling, hospitality, and restaurant sectors.
[ READ: Member of FIN7 Cybercrime Gang Sentenced to Prison in U.S. ]
Active since at least 2015, the group stole millions of credit and debit card numbers and then used or sold them for profit.
According to court documents, Iarmak worked with FIN7 for roughly two years, using project management platforms such as JIRA to coordinate malicious activity and intrusions.
JIRA was used by the group’s members to track the progress of their intrusions, to upload stolen data, and offer guidance to each other.
The compensation that Iarmak received for his participation in FIN7 “far exceeded comparable legitimate employment in Ukraine,” the US Department of Justice notes.
Iarmak is the third Ukrainian member of the FIN7 group to be sentenced to prison in the US. Last year, Andrii Kolpakov and Fedir Hladyr were sentenced to seven and ten years in prison, respectively.
Related: Member of FIN7 Hacking Group Sentenced to US Prison
Related: FIN7 Cybercrime Operation Continues to Evolve Despite Arrests
More from Ionut Arghire
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Malicious NuGet Packages Used to Target .NET Developers
- Google Pixel Vulnerability Allows Recovery of Cropped Screenshots
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- Latitude Financial Services Data Breach Impacts 300,000 Customers
Latest News
- Verosint Launches Account Fraud Detection and Prevention Platform
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Oleria Scores $8M Seed Funding for ID Authentication Technology
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- News Analysis: UK Commits $3 Billion to Support National Quantum Strategy
- Malicious NuGet Packages Used to Target .NET Developers
- Google Pixel Vulnerability Allows Recovery of Cropped Screenshots
