Cybercrime Comedy: FIN9 Fraudsters Face 45 Years for $71M Phishing Fiasco

Hot Take:

Move over Ocean’s Eleven, here comes Vietnam’s Four! Who knew computer fraud could come with so many aliases and plot twists? If there were an Oscars for cybercrime, these guys would be sweeping the categories, from Best Phishing Campaign to Most Creative Use of Stolen Gift Cards.

Key Points:

• Four Vietnamese nationals tied to FIN9 indicted for $71 million in losses.
• Charges include conspiracy to commit fraud, wire fraud, and intentional damage to protected computers.
• Additional charges of money laundering and identity theft for some of the defendants.
• Separate case highlights two ViLE group members guilty of hacking a federal law enforcement database.
• European Council sanctions six hackers for attacks on critical infrastructure in the EU and Ukraine.

Cybercrime Cast of Characters:

The U.S. Department of Justice (DoJ) has unveiled its latest cyber-thriller, starring four Vietnamese cybercriminals with enough aliases to fill a spy novel. Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong have been accused of orchestrating a series of cyber-attacks, phishing campaigns, and supply chain compromises that racked up over $71 million in damages. These digital miscreants didn’t just stop at hacking; they allegedly pilfered gift cards, personal information, and credit card details, then went on a shopping spree for online accounts and hosting servers.

Phishing for Millions:

From May 2018 to October 2021, the defendants were busy hacking into the computer networks of numerous U.S. companies. They stole non-public information, employee benefits, and funds, causing a digital nightmare for their victims. According to court documents, the Vietnamese hackers were like kids in a candy store, grabbing gift card data, personally identifiable information, and credit card details. They didn’t just hoard the stolen loot; they sold it to third parties, using fake names on peer-to-peer cryptocurrency marketplaces to keep their activities under wraps.

Charges Galore:

These cybercriminals are facing more charges than a smartphone in a power outage. The indictment lists one count of conspiracy to commit fraud, extortion, and related computer activities, one count of conspiracy to commit wire fraud, and two counts of intentional damage to a protected computer. If convicted, they could be looking at up to 45 years behind bars. But wait, there’s more! Additional charges of conspiracy to commit money laundering could add another 20 years for Tai, Xuyen, and Truong. Tai and Quoc, meanwhile, are also looking at charges of aggravated identity theft and conspiracy to commit identity fraud, potentially slapping them with up to 17 more years in prison.

ViLE Villains:

In a separate subplot, the DoJ announced that two members of the ViLE hacking group have pleaded guilty to compromising a federal law enforcement database. Sagar Steven Singh and Nicholas Ceraolo, who operate under aliases like Weep, Convict, Anon, and Ominous, were caught using stolen credentials to access sensitive personal information. They then tried to extort money by threatening to harm a victim’s family and publicly release the data. These two digital desperados face a minimum of two years and a maximum of seven years in prison after pleading guilty to conspiring to commit computer intrusion and aggravated identity theft.

EU Sanctions Squad:

As if that wasn’t enough excitement, the European Council has also imposed sanctions on six hackers for cyber-attacks targeting critical infrastructure and government systems in the EU and Ukraine. Among the newly sanctioned are Aleksandrovich Peretyatko and Andrey Stanislavovich Korinets of the COLDRIVER hacking crew, previously sanctioned by the U.K. and U.S. for spear-phishing campaigns. Joining them on the EU’s naughty list are Sklianko Oleksandr Mykolaiovych and Chernykh Mykola Serhiiovych from the Gamaredon group, along with Mikhail Tsarev and Maksim Galochkin of the Wizard Spider gang, who are linked to the deployment of Conti and TrickBot malware.