Crypto cyber gang FIN9 indicted in a $71m operation
The FBI has indicted four members of the infamous FIN9 group for orchestrating crypto-related hacking attacks on U.S. companies, which resulted in over $71 million in losses.
FIN9 members — Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong — allegedly hacked into the computer networks of various U.S. companies.
Between May 2018 and October 2021, non-public information — including private data on employee benefits, and funds — was stolen.
According to the indictment, members of FIN9 gained unauthorized access to company networks through phishing campaigns and supply chain attacks.
Once inside, they deployed malware, stole sensitive data, and extorted money from their victims. They redirected digital employee benefits, such as gift cards, to accounts under their control and stole gift card information from certain victims.
The defendants also stole personal information and credit card details from employees and customers of the targeted companies. To conceal their identities, they used the stolen information to register online accounts at cryptocurrency exchanges or server hosting companies.
Tai, Xuyen, and Truong allegedly sold the stolen gift cards to third parties via an account registered with a fake name on a peer-to-peer cryptocurrency marketplace.
The group’s operations specifically targeted a diverse range of U.S. companies, including those in the technology, manufacturing, and financial sectors.
FBI vs. FIN9
The FBI Newark’s Cyber Squad, under Special Agent in Charge James E. Dennehy, led the effort.
The FBI Little Rock Cyber Squad, under the direction of Special Agent in Charge Alicia D. Corder, assisted the investigation. The case is being prosecuted by Assistant U.S. Attorneys Anthony P. Torntore and Vinay S. Limbachia of the U.S. Attorney’s Cybercrime Unit in Newark.
The defendants face various charges in connection with their alleged actions, including conspiracy to commit fraud, extortion, and related activities involving computers, which carries a maximum penalty of 5 years in prison.
They also face charges of conspiracy to commit wire fraud, which carries a maximum sentence of 20 years behind bars. Additionally, they are charged with intentional damage to a protected computer, with each count carrying a maximum sentence of 10 years in prison.
Further charges include conspiracy to commit money laundering, which carries a maximum penalty of 20 years for defendants Tai, Xuyen, and Truong.
Aggravated identity theft mandates a consecutive two-year prison term for Tai and Quoc, while conspiracy to commit identity fraud carries a maximum sentence of 15 years in prison.
U.S. Attorney Philip R. Sellinger underscored the Department of Justice’s success in identifying the defendants despite their attempts to evade detection through technology.
He highlighted their use of keyboards, VPNs, and fake identities in their operations, yet emphasized that the Department of Justice was able to track them down. Sellinger reaffirmed his office’s dedication to seeking justice for the victims, sending a clear message to cybercriminals worldwide.
Special Agent in Charge James E. Dennehy of the FBI’s Newark office highlighted the challenges posed by cyber actors who operate in the virtual realm, often evading detection.
He emphasized the precision and innovative methods employed by the FBI Newark’s Cyber Task Force and law enforcement partners to uncover these individuals, labeling them as mere thieves. Dennehy urged businesses and organizations experiencing similar attacks to contact law enforcement promptly to safeguard their systems and prevent further victimization.
This indictment represents a key component of broader U.S. law enforcement initiatives aimed at disrupting sophisticated cybercrime groups such as FIN9. The FBI has highlighted the growing danger posed by these groups, which are known for their use of advanced techniques and tools in executing cyber attacks.
Crypto crimes escalate
A recent Chainalysis report highlights the increasing complexity and resource demands associated with cryptocurrency-related crimes and investigations compared to traditional cases. Surveying over 800 public sector employees globally, the report reveals that while cryptocurrency adoption is on the rise, so too are illicit uses, presenting significant challenges for law enforcement, regulators, and the private sector.
According to the report, cryptocurrency plays a significant role in many crime investigations, although overall views on crypto among law enforcement are mostly positive.
Investigations into crypto-related crimes tend to be more time-consuming than other types of criminal cases, despite advancements in blockchain analytics tools such as those offered by Chainalysis, which aid in gathering evidence.
A recent case involving Chirag Tomar, a cryptocurrency trader accused of orchestrating theft from clients, also underscores the increasing menace of cryptocurrency theft and cybercrime in the digital era.
According to reports, Tomar allegedly abused his role to siphon funds by exploiting vulnerabilities in the trading platform to redirect the stolen money to his personal accounts.
Law enforcement’s investigation into Tomar’s activities involved meticulous analysis of blockchain transactions and digital footprints.
Collaboration between authorities, cryptocurrency exchanges, and relevant stakeholders was crucial in tracking the misappropriated funds and identifying the perpetrator.
This case highlights the evolving sophistication of cybercriminals operating within the cryptocurrency realm and emphasizes the urgent necessity for robust security measures to safeguard digital assets.