FIN7 Pen Tester Gets Five Years Behind Bars

Written by

A Ukrainian man has been jailed in the US for five years after working for infamous financial crime group FIN7.

Denys Iarmak, 32, was arrested in Bangkok in November 2019 and extradited to the US, where he pleaded guilty last November to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

He was accused of working as a pentester for FIN7 (aka Carbanak Group), which reportedly stole over 20 million credit card records from more than 6500 point-of-sale (POS) terminals at thousands of US businesses since 2015.

These attacks, some of which were also targeted at organizations outside the US, including those in the UK, France and Australia, are said to have cost in excess of $1bn.

The restaurant, gambling and hospitality industries were singled out for special treatment by the group, with popular chain businesses including Chipotle Mexican Grill, Chili’s, Arby’s, Red Robin and Jason’s Deli all impacted.

Attacks were fairly simple in their execution: phishing emails loaded with booby-trapped attachments were targeted at corporate employees, with the group often following up via phone to make sure victims downloaded the malware. The resulting stolen data was put up for sale on carding sites, according to the Department of Justice (DoJ).

From November 2016 to November 2018, Iarmak appears to have played a key role in the organization, using Jira project management software to coordinate malicious activity and network intrusions.

“Iarmak was directly involved in designing phishing emails embedded with malware, intruding on victim networks, and extracting data such as payment card information,” said US attorney Nicholas Brown of the Western District of Washington.

“To make matters worse, he continued his work with the FIN7 criminal enterprise even after the arrests and prosecution of co-conspirators. He and others in this cybercrime group used hacking techniques to essentially rob thousands of locations of multiple restaurant chains at once, from the comfort and safety of their keyboards in distant countries.”

Iarmak will join FIN7 co-conspirators Fedir Hladyr (10 years) and Andrii Kolpakov (seven years) behind bars.

What’s hot on Infosecurity Magazine?