The US Justice Department has announced the arrest of two men allegedly involved in a hacking scheme targeting the taxi dispatch system at John F. Kennedy International Airport.
According to authorities, the suspects, Daniel Abayev and Peter Leyman, both residing in New York, hacked into the dispatch system at JFK in an effort to make modifications so that certain taxi drivers would be sent to the front of the line.
At JFK, taxis are required to wait in a holding lot before being dispatched to a terminal in the order in which they arrived. Taxis may need to wait several hours in this lot before being dispatched.
However, Abayev and Leyman hacked into the taxi dispatch system and could manipulate the order in which taxis were dispatched, making it possible for some taxis to skip the line. Taxi drivers who were in on the scheme were charged $10 each time they skipped the line.
The suspects, both aged 48, allegedly hacked the system with the aid of hackers residing in Russia. The cybercrime operation started in 2019, and hacking attempts included bribing someone to deploy malware onto dispatch system computers using a flash drive, gaining unauthorized access to the system via a Wi-Fi attack, and stealing tablets connected to the dispatch system.
“I know that the Pentagon is being hacked[.]. So, can’t we hack the taxi industry[?],” the suspects allegedly said.
While both suspects are US citizens, they communicated in Russian with the hackers located in Russia.
Through this scheme, which ran until September 2021, the hackers enabled up to 1,000 fraudulently expedited taxi trips per day, the indictment shows. Abayev and Leyman are said to have sent more than $100,000 of their profit to the hackers in Russia.
The suspects have each been charged with two counts of conspiracy to commit computer intrusion, which carries a prison sentence of up to 10 years.
Related: Russian National Arrested in Canada Over LockBit Ransomware Attacks
Related: Russian Authorities Arrest Head of International Cybercrime Group
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
Latest News
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- China Says It’s Looking Into Report of Spy Balloon Over US
- GoAnywhere MFT Users Warned of Zero-Day Exploit
