Security News

Another member of notorious cybercrime ring FIN7 is headed to jail after the gang breached major companies' networks across the US and stole more than $1 billion from these businesses' customers. Ukrainian-born Denys Iarmak, 32, who worked as a penetration tester for the criminal group, was sentenced to five years in prison for his affiliation with FIN7.

"Denys Iarmak, a Ukrainian member and a"pen tester for the FIN7 financially-motivated hacking group, was sentenced on Thursday to 5 years in prison for breaching victims' networks and stealing credit card information for roughly two years, between November 2016 and November 2018. Iarmak is the third FIN7 member sentenced in the US after Fedir Hladyr received ten years in prison on April 16, 2021, and Andrii Kolpakov got seven years on June 24, 2021, following their 2018 arrest.

Maksim Berezan, an Estonian man linked to multimillion-dollar ransomware attacks, was sentenced on Friday to 66 months in prison for his involvement in online fraud schemes. According to the indictment, between July 2009 and December 2015, Berezan was a member of the exclusive DirectConnection cybercrime forum Russian-speaking cybercriminals could join after being vetted by three other members.

Sebastien Vachon-Desjardins, a Canadian man charged by the US for his involvement in NetWalker ransomware attacks, was sentenced to 6 years and 8 months in prison after pleading guilty before an Ontario judge to multiple offenses linked to attacks on 17 Canadian victims. The US Department of Justice said in January 2021 that Desjardins allegedly obtained more than $27.6 million after multiple successful attacks and extortion attempts since April 2020, when he first took up his new ransomware affiliate role.

Bernalillo County, New Mexico, has been unable to comply with the settlement terms of a 27-year-old lawsuit over prison conditions because of a ransomware attack last week that saw prisoners back under manual control. Commissioners told the court that all of Bernalillo County, which covers the US state of New Mexico's largest city Albuquerque, had been affected by a January 5, 2022, ransomware attack, including the Metropolitan Detention Center that houses some of the state's incarcerated.

A man pleaded guilty to fraudulently opening rideshare and delivery service accounts using stolen identity information sold on dark web marketplaces. The man is believed to be a leading actor of an 18-member team who stole identities and falsified documents to create false rideshare and delivery service accounts and then sold or rented them to other individuals.

A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. He is the second malware developer associated with the TrickBot gang that the Department of Justice arrested this year.

Justin Sean Johnson, also known as TheDearthStar and Dearthy Star, was sentenced this week to seen years in prison for the 2014 hack of the health care provider and insurer University of Pittsburgh Medical Center. After breaching UPMC's human resources databases, Johnson stole the Personally Identifiable Information and W-2 info of more than 65,000 employees and sold it on the dark web.

Belarusian law enforcement has published a list of Telegram channels that are now considered extremist and warned people that merely joining them would be punishable by up to seven years of imprisonment. The agency published a list of over 100 banned channels on a Telegram channel operated by the law enforcement agency.

32-year old Matthew Gatrel of St. Charles, Illinois, ran two websites that allowed paying users to launch more than 200,000 DDoS attacks on targets in both the private and public sector. He ran two sites, DownThem and Ampnode, both enabling DDoS attacks.