Breaking News

U.S. charges three Ukrainians in payment card hacking spree

TechnologyAug 01, 2018 07:57PM ET
Saved. See Saved Items.
This article has already been saved in your Saved Items
© Reuters. Man holds laptop computer as cyber code is projected on him in this illustration picture

By Christopher Bing and Karen Freifeld

WASHINGTON (Reuters) - Three Ukrainians have been arrested on criminal hacking charges including stealing payment card numbers, in attacks on more than 100 U.S. companies that cost businesses tens of millions of dollars, the U.S. Justice Department said on Wednesday.

U.S. prosecutors alleged that the three Ukrainians, who were arrested in Europe between January and June, are members of FIN7, a notorious cybercrime gang.

Victims include the Chipotle Mexican Grill (NYSE:CMG), Emerald Queen Hotel and Casino in Washington state, Jason's Deli, Red Robin Gourmet Burgers, Sonic Drive-in and Taco John's, according to the Justice Department. The Emerald Queen stopped the attack and no customer data was stolen, prosecutors said in a press release.

FIN7 has previously been linked to breaches of Trump Hotels, Whole Foods, Saks Fifth Avenue and Lord & Taylor, according to cyber security firm Trend Micro.

One of the three defendants, Fedir Hladyr, 33, has been transferred to Seattle from Dresden, Germany, where he was arrested. Authorities said they are seeking the extradition of the other two: Dmytro Fedorov, 44, and Andrii Kolpakov, 30.

Hladyr has pleaded not guilty and denies wrongdoing, according to his attorney, Arkady Bukh.

"There is no clear decision at this time whether (we) will go to trial or will consider a plea," Bukh said via email.

Reuters could not reach lawyers for the other two.

The three stole and sold payment card numbers and other data belonging to U.S. citizens and businesses, Assistant Attorney General Brian Benczkowski said in a statement.

FIN7 sent "phishing" emails to companies, sometimes following up with phone calls urging employees to open tainted attachments, the indictments said.

Ukrainian officials could not be reached for comment.

FIN7, also widely known as Carbanak, employs dozens of individuals who handle highly specialized tasks such as breaking into networks, stealing payment card numbers and selling stolen data on underground criminal forums, said Adrian Nish, head of threat intelligence with BAE Systems (LON:BAES).

The defendants used a front company named "Combi Security" that claims to have offices in Moscow, Haifa and Odessa, to launch some intrusions, according to court documents.

Combi Security's website describes it as an expert "in the field of comprehensive protection of large information systems from modern cyber threats."

Cybersecurity firm FireEye said it found job advertisements for Combi Security posted to several different Russian, Ukrainian and Uzbek job recruitment websites.

FIN7 stole more than 15 million customer card records from U.S. businesses and also targeted companies in Australia, France and the United Kingdom, according to U.S. prosecutors.

U.S. charges three Ukrainians in payment card hacking spree

Add a Comment

Comment Guidelines

We encourage you to use comments to engage with users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind: 

  • Enrich the conversation
  • Stay focused and on track. Only post material that’s relevant to the topic being discussed.
  • Be respectful. Even negative opinions can be framed positively and diplomatically.
  •  Use standard writing style. Include punctuation and upper and lower cases.
  • NOTE: Spam and/or promotional messages and links within a comment will be removed
  • Avoid profanity, slander or personal attacks directed at an author or another user.
  • Don’t Monopolize the Conversation. We appreciate passion and conviction, but we also believe strongly in giving everyone a chance to air their thoughts. Therefore, in addition to civil interaction, we expect commenters to offer their opinions succinctly and thoughtfully, but not so repeatedly that others are annoyed or offended. If we receive complaints about individuals who take over a thread or forum, we reserve the right to ban them from the site, without recourse.
  • Only English comments will be allowed.

Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at’s discretion.

Write your thoughts here
Are you sure you want to delete this chart?
Post also to:
Replace the attached chart with a new chart ?
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Thanks for your comment. Please note that all comments are pending until approved by our moderators. It may therefore take some time before it appears on our website.
Are you sure you want to delete this chart?
Replace the attached chart with a new chart ?
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Add Chart to Comment
Confirm Block

Are you sure you want to block %USER_NAME%?

By doing so, you and %USER_NAME% will not be able to see any of each other's's posts.

%USER_NAME% was successfully added to your Block List

Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.

Report this comment

I feel that this comment is:

Comment flagged

Thank You!

Your report has been sent to our moderators for review
Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.
Continue with Google
Sign up with Email