Fedir Hladyr, a 34-year-old Ukrainian, was a member of a notorious sophisticated cybercrime group called FIN7 that targeted companies in 47 states to steal more than 15 million credit card numbers.
FIN7 has been attributed to several intrusions in the banking, hospitality, and retail industries with the objective of gathering financial information of every type.
The infamous group employed phishing emails that included malware, ultimately infecting computers.
Hladyr pleaded guilty to hacking and wire fraud charges in the Western District of Washington on Wednesday. He faces up to 25 years in jail.
The cybercrime group is known for deploying advanced persistent threat-style strategies to compromise their victims and escalate their privileges prior to searching for machines or individuals with access to valuable financial data.
FIN7 preyed upon corporate networks for years using Carbanak malware, which was demonstrated to be able to take screenshots of compromised systems to seize victims’ information.
The professionals of FIN7 deploy commodity or leaked tools to hinder the capabilities of network defenders to identify intrusions linked to Fin7.
His sentencing is scheduled for December 13.