Carbanak hacking group sysadmin sentenced to 10 years in prison

Ukrainian national Fedir Oleksiyovich Hladyr, the systems administrator and one of the leaders of the Carbanak hacking group, also known as FIN7, has been sentenced to 10 years' prison in the United States.

The 35-year-old Hladyr, known as "das" and "AronaXus", was arrested in Dresden, Germany, in January 2018 and extradited to the US.

He pleaded guilty in September 2019 to a limited number of charges laid by US authorities, including conspiracy to commit wire fraud, in exchange for other charges to be dropped.

In his sentencing hearing, Hladyr told the court that he had "ruined years of my life and put [his] family through great risk and struggle."

A federal judge in Seattle handed down the lengthy sentence for Hladyr as a deterrent for other would-be cyber criminals, saying they "must understand that, once caught, the punishment will be significant."

Hladyr was also ordered to pay US$2.5 million in restitution.

Fellow alleged Carbanak hackers Andrii "santismo" Kolpakov, Denys "Gak Tus" Iarmak, and Dmytro "hotdima" Fedorov, also Ukrainian nationals, have also been arrested and extradited to the US for trials.

Kolpakov has pleaded guilty, and faces up to 25 years in prison when sentenced in June this year.

The cases against Fedorov and Iarmak are continuing, and expected to last until 2022.

Fedorov, Iarmak and Kolpakov allegedly operated as network penetration testers for Carbanak, providing Hladyr with information about hacking victims, the US authorities claimed.

Hladyr would take that information and create "issues" on an Atlassian Jira server instance, and assign hacking tasks to others.

The hackers went as far as setting up an infosec company, Combi Security, as a front for their activities.

Carbanak or FIN7 has been active since 2015 at least, and is believed to have links to Russia.

It is alleged to have stolen over 15 million credit and debit cards over the years from businesses in the US, Australia, UK and elsewhere in the world, as well as causing bank ATMs to dispense cash.

The hacking group has caused losses estimated to be in the billion dollar range with its malware and spearphishing attacks.

Despite the arrests of the above four, other Carbanak hackers are said to continue their criminal operations.

Security vendor Truesec found a connection between Carbanak/FIN7 and the Ryuk ransomware criminals in December last year, suggesting the two cyber criminal groups may have begun collaborating.