Three senior members of a notorious Eastern European hacker group have been arrested and are facing charges, the Justice Department announced Wednesday.
Dmytro Fedorov, Fedir Hladyr and Andrii Kopakov, all Ukrainian nationals, are part of the FIN7 cybercrime ring that has breached a wide range of companies in recent years, including Saks Fifth Avenue, Omni Hotels & Resorts, Whole Foods and Chipotle. DOJ said that the group hacked companies in 47 states and Washington, D.C., according to POLITICO.
FIN7 hackers used spear-phishing emails and follow-up phone calls to convince their targets to open emails with malicious attachments. They then deployed their famous Carbanak malware to steal customers' payment data. They sold the stolen information on the dark web.
All three men face 26 felony charges, including wire fraud, computer hacking and aggravated identity theft.
The hackers stole "more than 15 million customer card records" in the U.S., in addition to their operations in the United Kingdom, Australia and France, according to DOJ.
Authorities arrested Fedorov in Poland, Hladyr in Germany and Kopakov in Spain. So far, only Hladyr has been extradited to the U.S.
According to the government, FIN7 used a front company called Combi Security, which claimed to offer penetration testing services, to hire cyber criminals who could help them conduct their operations.