SEATTLE — Federal officials say three Ukrainians involved in a prolific cybercrime organization have been arrested. They are linked to hacking more than 100 companies in the U.S. and around the world, which caused losses in the tens of millions of dollars.
U.S. Attorney Annette Hayes said at a news conference Wednesday that one man was arrested in Seattle and the other two were taken into custody in Poland and Spain. Their federal indictments were unsealed Wednesday.
The indictments name the defendants as Fedir Hladyr, Dmytro Fedorov and Andrii Kolpakov.
Hayes says the group, called FIN7, used malware tools to reach into more than 3,600 businesses across the country that resulted in the loss of over 15 million credit and debit cards.
Hayes says some of the companies affected included hotels bearing the name of President Trump, Saks Fifth Avenue, Lord & Taylor, Whole Foods, Chipotle, Arby’s, Red Robin and Jason’s Deli.
FBI Special Agent Jay Tabb says the case was one of the largest it has handled, in terms of loss, number of victims and the size of the criminal organization.
Justice Department
Adrian Nish, head of the threat intelligence with BAE Systems, told Reuters that FIN7, also known as Carbanak, is one of the world’s most professional cybercrime organizations, employing dozens of individuals who are assigned specialized tasks such as breaking into networks, stealing payment card numbers and selling the data on underground criminal forums.
The unsealed indictments lay out the methods FIN7 used to infiltrate computer systems, including the use of phishing scams.
CNET explains that targets would receive emails with a malware-laced word-processing file attached, which purported to be an order for catering. Once the phishing emails tricked someone at the business into opening the file, FIN7’s hackers would allegedly dig through the networks to search for and steal credit card information, which they would then sell online.
The file “appeared to be harmless,” said Tabb Jr., the FBI agent involved in the investigation, and the hackers “would often accompany the emails with phone calls in attempts to get [victims] to open the attachment.”
© 2018 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.
