A pentester named Denys Iarmak has been convicted to five years imprisonment after aiding the financially-motivated threat group FIN7 in their cyberattack operations. The suspect was charged with breaching the networks of their targets and stealing banking credentials for about two years, from November 2016 to November 2018.
Furthermore, the suspect was previously arrested and under the custody of Thailand in November 2019 and was deported back to the US in May 2020 to proceed and finalise his case. Iamark was then indicted for wire fraud and computer hacking activities.
Aside from Iamak, two other FIN7 members had already been arrested in the US with charges of stealing banking data and pen-testing.
The indictment of the new suspect revealed that the FIN7 threat group had caused massive monetary loss to Americans with over a billion dollars in total after hacking millions of bank accounts and computer networks of enterprises all over the US.
Based on a US attorney’s statement, Denys Iarmak was a pentester for FIN7 and had designed malware-infected phishing emails, infiltrated networks, and collected payment card details.
The authorities also added that the accused had continued working with the threat group even after being warranted for his charges and the prosecution of his other conspirators.
The FIN7 members also utilised legitimate project management tools to recruit new affiliates to coordinate with the entire group’s malicious activities and manage their network infiltrations. The tools helped the suspect as a pentester – to guide and track other FIN7 members in their operations, including monitoring their progress and transmitting the stolen data to their C2 servers.
Now that Iarmak has been sentenced to five years imprisonment, authorities are certain that it will give justice to the massive loss against many of their victims.
The FIN7 gang was first identified in 2015 as a financially-motivated group that targeted banks and point-of-sale (PoS) terminals of different US firms under various sectors. They are also notorious for utilising a backdoor dubbed Carbanak in most of their cyberattack operations.
