Federal prosecutors on Wednesday announced the arrest of three high-ranking members of a criminal hacking gang known as Carbanak.
Prosecutors in Seattle unveiled the indictments against Ukrainian nationals Dmytro Fedorov, Fedir Hladyr and Andrii Kopakov.
The individuals allegedly orchestrated a sophisticated hacking campaign targeting over 100 U.S. companies, breaking into computers at more than 3,600 business organizations across the United States.
The Ukrainians are accused of using phishing attacks and malware to harvest information on over 15 million payment cards from thousands of business locations across the U.S., which they then sold for profit.
The Ukrainians each face 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft.
The individuals were apprehended as a result of a long-term investigation led by an FBI cyber task force in Seattle. Federal officials collaborated with officials in Poland, Spain and Germany in order to secure the individuals’ arrests.
“Because hackers are committed to finding new ways to harm the American public and our economy, the Department of Justice remains steadfast in its commitment to working with our law enforcement partners to identify, interdict, and prosecute those responsible for these threats,” said Assistant Attorney General Brian Benczkowski, who oversees the Department of Justice’s criminal division.
The hackers allegedly crafted phishing emails to businesses representatives that appeared legitimate but contained malware. The businesses targeted were primarily in the hospitality, restaurant and gaming industries. Some of the companies targeted in the attack include Chipotle, Arby's, Sonic, Red Robin and Jason's Deli.
Prosecutors said that the conspirators often followed up the emails with phone calls to the companies, encouraging them to open the messages — which would allow the malware to infiltrate the computers. The hackers allegedly stole over 15 million credit and debit cards from the businesses they targeted, which they then tried to sell on the dark marketplace.
One of the conspirators, Fedorov, remains detained in Poland pending his extradition to the United States. Officials said that Hladyr was arrested in Dresden, Germany, and is currently detained in Seattle pending trial. Kopakov was arrested in Lepe, Spain, where he remains detained pending the U.S. government’s request for extradition.
The infamous Carbanak hacking group, also known as FIN7, is based in Eastern Europe and believed to have stolen over $1 billion from financial institutions across the globe.
“From the FBI's perspective, this is the largest, certainly among the top three, criminal computer intrusion cases that the FBI is working right now in terms of loss, number of victims, the global reach, and the size of the organization, the organized crime syndicate doing this,” FBI special agent in charge Jay Tabb of the Seattle Field Office said in part.
“It is pretty significant if you think about it in those terms. Yes, this is only three of the subjects. There are many more subjects charged and not charged that we are investigating. Again, it is an ongoing investigation.”
The case is being prosecuted by U.S. attorneys in the Western District of Washington, with help from the Justice Department’s computer crime and intellectual property division.