According to newly released court documents, Ukrainian national Denys Iarmak has been arrested for alleged involvement in the malicious cyber campaigns run by the infamous hacking group FIN7.
Among others, Iarmak has been charged with conspiracy to commit computer hacking, fraud, intentional damage to a protected computer, access device fraud, conspiracy to commit wire and bank fraud, wire fraud, and aggravated identity theft.
The objectives of the conspiracy included surveillance of victim computer networks and installing additional malware “for the sole purpose of stealing payment card track data, financial information and private data that would later be sold for financial gain.” The report also alleges that Iarmak was hired as a FIN7 “pen-tester” and “tasked with breaching the security of victims’ computers.”
“Like other members of the group, IARMAK provided his true name in order to receive payment for his work in furtherance of the group,” the complaint alleges. “For example, in a December 26, 2026 Jabber chat with one of the leaders of the hacking group, IARMAK sent his PrivateBank account number to receive salary payment.”
Throughout the investigation, authorities say they were also able to identify the accused through his email address. According to his email account records that held a copy of his resume, Iarmak previously worked as a system administrator for multiple companies.
Since 2014, the highly active gang is notorious for stealing nearly $1 billion from US victims by targeting credit card and financial data using the Carbanak exploit.
Their sophisticated malware campaigns are known to have targeted the systems of an array of organizations from the restaurant, gaming and hospitality industry such as Whole Foods, Trump Hotels, Arby’s and Hudson’s Bay.
The prolific hacking group is also known for its polished skills and organizational sophistication. Members often communicate through private HipChat servers allowing instant messaging and file-sharing features that facilitate internal collaboration. The application was also used for interviewing potential recruits that could help distribute their malware and exfiltrate stolen data including credit card details. The bad actors also use project management software, such as JIRA, to further aid their highly coordinated activity.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Alina Bizga. Read the original post at: https://hotforsecurity.bitdefender.com/blog/fbi-officials-arrest-another-alleged-fin7-gang-member-23372.html
Vaguely relevant but very cyber image from Dall-EOne pattern I spotted after looking at the evolution of IT and security organizations…
The takedown this week of a massive phishing-as-a-service (PhaaS) operation spanned law enforcement agencies from both sides of the Atlantic…
Security operations centers (SOCs) are the front lines in the battle against cyber threats. They use a diverse array of…
Authors/Presenters: *Sina Sajadmanesh, Ali Shahin Shamsabadi, Aurélien Bellet, Daniel Gatica-Perez* Many thanks to USENIX for publishing their outstanding USENIX Security…
FBI, CISA, EC3, and NCSC-NL issued an urgent advisory highlighting the use of new TTPs and IOCs by the Akira…