Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    • Blog
      • /
    • Cybercrime
      • /
    • Cybercrime Carbanak Gang Leaders Arrested After Causing 1 Billion In Damage

    Cybercrime Carbanak Gang Leaders Arrested After Causing 1 Billion In Damage

    Stu Sjouwerman | Aug 2, 2018
    Fin_7_Malware_Scheme_FBIThe FBI announced Wednesday, August 1st, that an international manhunt had collared three leaders of the Carbanak gang. Also known as Fin7, Carbanak specialized in phishing business for credentials they could use to upload paycard-data-stealing malware into business systems connected with point-of-sale terminals.

     

    They would steal card data and sell it in a black-market carding forum. They also did a side business in the theft and sale of proprietary or non-public information, but that was just gravy: their main course was always selling cards in the criminal-to-criminal market. They targeted more than a hundred companies in the US alone, most of them in the gaming, restaurant, and hospitality sectors. Some of the better-known companies they hacked included Red Robin, Chipotle, and Arby's.

    The three men arrested, Dmytro Fedorov, Fedir Hladyr and Andrii Kopakov, are all Ukrainian nationals. They're now in US Federal custody and awaiting trial on twenty-six felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. Fedorov is awaiting extradition in Poland and Kopakov is doing the same in a Spanish holding cell. Hladyr, picked up by police in Dresden, Germany, is already in Seattle.

    Carbanak was a big operation, thought to have stolen more than $1 billion from businesses worldwide. One hopes these arrests will cripple the gang, but criminal organizations have come back from seeming death before.

    Social engineering, in this case phishing with follow-up phone calls and even workplace surveillance, is effective, which is why criminals and nation-states will continue to try it. Every organization should consider some realistic, interactive training to help raise its employees' awareness of what's at stake, and how they can prevent potentially catastrophic loss. In the meantime, bravo FBI.

    The FBI has the story, complete with a useful infographic explaining how the Fin7 scammers worked, from phishing to carding: https://www.fbi.gov/contact-us/field-offices/seattle/news/stories/how-cyber-crime-group-fin7-attacked-and-stole-data-from-hundreds-of-us-companies

    Topics: Cybercrime

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All