FIN7 crime-gang pen tester headed to US prison for five years

Another member of notorious cybercrime ring FIN7 is headed to jail after the gang breached major companies’ networks across the US and stole more than $1 billion from these businesses’ customers.

Ukrainian-born Denys Iarmak, 32, who worked as a penetration tester for the criminal group, was sentenced to five years in prison for his affiliation with FIN7.

At his sentencing hearing, the judge noted that Iarmak, who was arrested in 2019, has been in US custody during the Covid-19 pandemic and now the war in Ukraine. 

“There is some irony, that the nation you were plundering is now leading an international effort to protect your country, your people, your family,” said Chief US District Judge Ricardo Martinez.

Since at least 2015, FIN7 gang members have used phishing emails with malicious files attached to break into hundreds of companies’ networks. Once they gained access, they injected malware to steal customers’ credit- and debit-card numbers, which they then sold on the dark web or used to fund their own shopping sprees. 

In the US alone, FIN7 stole more than 20 million customer card records from over 6,500 point-of-sale terminals at more than 3,600 separate businesses, according to the feds. The miscreants have a preference for the restaurant, gambling and hospitality industries, and they breached chain restaurants including Chipotle Mexican Grill, Chili’s, Arby’s and Red Robin.

Crime pays…for a while

Iarmak’s involvement with the notorious crime group started around November 2016 and lasted about two years, according to the Justice Department. He allegedly used project management software such as JIRA, hosted on servers in other countries, to coordinate FIN7’s illegal deeds and manage its network intrusions.

This proved to be a lucrative gig for Iarmak. “During the course of the scheme, Iarmak received compensation for his participation in FIN7, which far exceeded comparable legitimate employment in Ukraine,” the Justice Department noted.

After being arrested in Bangkok in late 2019, Iarmak was eventually extradited by a Thai court and transferred to US custody in May 2020. 

In November 2021, Iarmak pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

Iarmak is the third FIN7 criminal to face time behind bars for his misdeeds. On April 16, 2021, FIN7 member Fedir Hladyr was sentenced to 10 years in prison. Two months later, FIN7 member Andrii Kolpakov was sentenced to seven years.

While breaking into companies’ payments systems has proven very lucrative for FIN7 over the years, new research published by threat intel firm Mandiant suggests that the crime gang has moved into ransomware to monetize its attacks.

“Throughout their evolution, FIN7 has increased the speed of their operational tempo, the scope of their targeting, and even possibly their relationships with other ransomware operations in the cybercriminal underground,” Mandiant threat researchers wrote. ®

READ MORE HERE