Close this search box.

Elite phishing gang leader gets 10 years in prison


Billions stolen as phishing attacks launched over email, phone, and snail mail.

The system administrator of an elite Ukrainian hacking group that stole more than 15 million credit cards and bank account details has been sentenced to a decade in US federal prison.

The Fin7 (also known as Carbanak) hacking group made hundreds of millions of dollars developing and spreading highly-specialised malware capable of siphoning credit and debit card information which was then sold on underground criminal forums.

All told the group stole and sold more than 20 million customer card records from some 6500 point-of-sale terminals.

Ukrainian national Fedir Hladyr, 35, pled guilty to counts alleging conspiracy, wire fraud, computer hacking, access device fraud, and aggravated identity theft.

The hacking group operated a fake penetration testing business, Combi Security, to recruit hackers (including Hladyr according to his plea deal) and conceal illegal activities. Combi Security listed on its website some of Fin7’s victims as its clientele.

Hladyr was responsible for system administration work including securing the hacking group’s communications, managing its server farm, and launching attacks.

​Those attacks targeted organisations in the United States along with a smaller undisclosed number of organisations in Australia, the United Kingdom, and France.

Law enforcement arrested Fin7 leadership in 2018 but many members remain at large. Authorities estimate Fin7 had some 70 members organised into distinct teams responsible for malware development, infection spreading, and the composition of phishing messages.

The sent expertly-crafted phishing messages. Fin7, unlike most cyber criminals, crafted well-written phishing emails tailored to a victim’s industry. It sent food orders to restaurants with malware-laden word documents and issued fake but convincing invoices.

An innocuous-looking phishing email exemplary of Carbanak’s ability to wreak havoc through careful social engineering

The group even followed up phishing emails with phone calls to bolster the legitimacy of their scams.

An arsenal of tools, including the group’s eponymous-named Carbanak malware, would deploy when phishing email attachments were opened.

Fin7 even sent phishing messages through the post with malware contained within USB sticks.

Acting US Attorney Tessa Gorman of the Western District of Washington said the group inflicted billions of dollars in losses.

“Some were hackers, others developed the malware installed on computers, and still others crafted the malicious emails that duped victims into infecting their company systems,” Gorman said in a statement.

“This defendant (Hladyr) worked at the intersection of all these activities and thus bears heavy responsibility for billions in damage caused to companies and individual consumers.”

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →