Andrii Kolpakov, the Ukrainian national that was a supervisor of the FIN7 hacking group has been sentenced to seven years in prison.
Kolpakov was arrested in Spain in 2018 and extradited to the U.S. the following year. In June 2020, he pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.
He was involved with the group starting 2016 and until his arrest was in charge of managing other hackers tasked with breaching the point-of-sale systems of companies, both in the U.S. and elsewhere, in order to deploy malware that was capable of stealing financial information.
FIN7 hacking group is also called Anunak, Carbanak Group, and the Navigator Group, and is known for the engagement it had in a sophisticated malware campaign targeting restaurant, gambling, and hospitality industries in the U.S. in order to obtain credit and debit card numbers that were then used or sold for profit on underground forums.
It looks like the FIN7 hacking group used a firm called Combi Security as a front to recruit hackers — one of them being Kolpakov in an attempt to “provide a veil of legitimacy to the illegal enterprise,” while projecting itself as “one of the leading international companies” that offered penetration testing services to customers worldwide.
According to public documents, since at least 2015, members of FIN7 (also referred to as Carbanak Group and the Navigator Group, among other names) engaged in a highly sophisticated malware campaign to attack hundreds of U.S. companies, predominantly in the restaurant, gambling and hospitality industries. FIN7 hacked into thousands of computer systems and stole millions of customer credit and debit card numbers that were then used or sold for profit. FIN7, through its dozens of members, launched waves of malicious cyberattacks on numerous businesses operating in the United States and abroad. FIN7 carefully crafted email messages that would appear legitimate to a business’s employees and accompanied emails with telephone calls intended to further legitimize the emails. Once an attached file was opened and activated, FIN7 would use an adapted version of the…