Being a systems administrator can be a fulfilling job with a lot of rewards. But if you're a SysAdmin for a hacking group, you could be rewarded with time behind bars.
This is exactly what is happening to 35-year-old Fedir Hladyr, who was a SysAdmin for the hacking group FIN7. Hladyr was recently sentenced to 10 years in prison for his role within the criminal group.
Prosecutors had some strong words for Hladyr and his crimes. Acting U.S. Assistant Attorney General Nicholas L. McQuaid of the Justice Department's Criminal Division said this:
"The defendant and his conspirators compromised millions of financial accounts and caused over a billion dollars in losses to Americans and costs to the U.S. economy."
And Acting U.S. Attorney Tessa M. Gorman of the Western District of Washington shared her thoughts on the case:
"This criminal organization had more than 70 people organized into business units and teams. Some were hackers, others developed the malware installed on computers, and still others crafted the malicious emails that duped victims into infecting their company systems. This defendant worked at the intersection of all these activities and thus bears heavy responsibility for billions in damage caused to companies and individual consumers."
The crimes of Fedir Hladyr and FIN7
Hladyr began his journey with FIN7 when he joined Combi Security, a front cybersecurity company with a fake website and no legitimate customers. He quickly realized the company was part of a criminal enterprise and became the SysAdmin for FIN7.
According to the DOJ, Hladyr played a critical role in several aspects of the operation:
"...aggregating stolen payment card information, supervising FIN7's hackers, and maintaining the elaborate network of servers that FIN7 used to attack and control victims' computers. Hladyr also controlled the organization's encrypted channels of communication."
FIN7 members engaged in highly sophisticated malware campaigns to attack hundreds of U.S. companies, predominantly in the restaurant, gambling, and hospitality industries.
The group also hacked into thousands of computer systems, resulting in the theft of millions of customer credit card records, which were then used or sold for profit.
Here is how the DOJ says the cybercriminal group carried out its attacks:
"To execute its scheme, FIN7 carefully crafted email messages that would appear legitimate to a business' employees, and accompanied emails with telephone calls intended to further legitimize the emails. Once a file attached to a fraudulent email was opened and activated, FIN7 would use an adapted version of the Carbanak malware, in addition to an arsenal of other tools, to access and steal payment card data for the business's customers. Since 2015, many of the stolen payment card numbers have been offered for sale through online underground marketplaces."
FIN7 operated internationally but had incredible success in the U.S. The group was able to hack computer networks of businesses in all 50 states and Washington, D.C.
Operators stole more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations.
According to court documents, the estimated cost of the hacks totals billions of dollars.
For more information on Hladyr and FIN7, you can read the statement from the DOJ on the situation.