Denys Iarmak FIN7 Hacker sentenced to five years -for his role in the conspiracy. What or WHO did he give up…

FIN7’s “resulted in over $100M in losses; financial institutions, merchant processors , insurance cos, retail companies, and individual cardholders -Arian Taherzadeh and Haider Ali affidavit is WILD

Prerequisite background of FIN-7

As a gentle reminder FIN7 has long been on my radar —partly because I still want to know why this pernicious hacking group didn’t steal any identities in South Dakota and Hawaii. Yes I’m like a dog with a bone and sometimes I tend to fixate on a specific (or several) criminal cases. Thus far there hasn’t been a sufficient explanation. See September 2019 TWText archive Like I said I’ve long held a fascination with cyber criminals…

• See September 2019 - JABBER <— because that continues to make me laugh

• See April 2020 Bolo ←at the time I wanted my readers to pay attention to that particular case

• See May 27, 2020 twitter archive -of my Larmak thread

However if you recall (in this April 2021 article) where I reached back to September 2019 - May 2020 Hladyr -FIN-7 previous research. Thank you WayBack Machine gods for that gift. More recently in November of 2021 I was like: “oh Denys I see you’re going to plea guilty” -see Substack article below

FIN7 aka Carbanak Group fourth defendant expected to plead guilty on November 22, 2021

And if I’m going to be intellectually honest than it’s appropriate for me to say “praise sweet, sweet baby Jesus” I can now dismantle my FIN-7 murder board. Which is at least 3 years old and this particular article is more for me, than my readers. Sorry but at least I informed you upfront…

• see Nov 22, 2021 PLEA AGREEMENT as to Denys Iarmak via WDWA-ECF — or you can pull Larmak’s plea agreement down from my Scribd account

The charges that Defendant Lamak pleaded guilty to carry the following penalties (and this is important because this directly ties to Defendant Larmak’s value in cooperating with the Government, thusly earning a 3 level reduction) —even so 25+ years versus 5 years and $2M in restitution is a pretty sweet deal…

• Conspiracy to Commit Wire Fraud, as charged in Count 1: A maximum term of imprisonment of up to twenty (20) years, a fine of up to $250,000.00, a period of supervision following release from prison of up to three (3) years, and a mandatory special assessment of one hundred dollars ($100).

• Conspiracy to Commit Computer Hacking, as charged in Count 16: A maximum term of imprisonment of up to five (5) years, a fine of up to $250,000.00…

As noted the US Sentencing Guidelines - see 18 USC §3553(a) which reads in part:

1. the nature and circumstances of the offenses;

2. the history and characteristics of Defendant;

3. the need for the sentence to reflect the seriousness of the offenses, to promote respect for the law, and to provide just punishment for the offenses;

4. the need for the sentence to afford adequate deterrence to criminal conduct;

5. the need for the sentence to protect the public from further crimes of Defendant;

6. the need to provide Defendant with educational and vocational training,

   medical care, or other correctional treatment in the most effective manner;

7. the kinds of sentences available;

8. the need to provide restitution to victims; and

9. the need to avoid unwarranted sentence disparity among defendants involved in similar conduct who have similar records.

Now if you understand what to look for in a plea agreement -then you’d note that this specific carve out is pretty remarkable:

Defendant agrees to pay restitution in the apportioned amount of $2,000,000.00 (which shall not be joint and several with any other FIN7 defendant). Said amount shall be due and payable immediately and shall be paid in accordance with a schedule of payments as proposed by the United States Probation Office and ordered by the Court. (emphasis added)

Now -moving on to one of the more important portions of aforesaid plea agreement …. wait… for… it: STATEMENT of FACTS -I now refer you to pages 9 thru 13 —Again you can readily download the Nov 2021 plea agreement via my Scribd Account —but as specifically stated in the Statement of Facts:

Chipotle (Victim-3) publicly disclosed a data breach that impacted approximately 3.9 million payment cards, and Jason’s Deli (Victim￾6) publicly disclosed a data breach that impacted approximately 2 million payment cards.

During the course of the scheme, Defendant received compensation for his participation in FIN7, which far exceeds comparable legitimate employment in Ukraine. For the purposes of this Plea Agreement, the parties agree that – during Defendant’s participation in the malware scheme – FIN7 illegal activity resulted in over $100 million in losses to financial institutions, merchant processers, insurance companies, retail companies, and individual cardholders.

What & WHO did Larmak give up?

Which resulted in the Government’s accord of asking for a 3 level reduction —again a plain reading of the statues Larmak agreed to plea guilty to —has a combined maximum sentence of 25+ years —so that’s why I’m asking what did Defendant Larmak give up — whatever it was —clearly it was/is valuable…Again if you read pages 13 and 14 -subsection entitled: Sentencing Factors. He was looking at decades in federal prison —

United States will make the motion necessary to permit the district court to decrease the total offense level by three (3) levels pursuant to USSG §§ 3E1.1(a) and (b), because Defendant has assisted the United States by timely notifying the United States of his intention to plead guilty, thereby permitting the United States to avoid preparing for trial and permitting the Court to allocate its resources efficiently.

Again if you read pages 13 and 14 -subsection entitled: Sentencing Factors. Or via Scribd He was looking at decades in federal prison —

Or you can pull down the highlighted and annotated copy of Defendant Larmak’s plea agreement from my Scribd Account because I understand how expensive the ECF is and that’s why I typically upload Court filings, so my readers have unfettered access. After all sharing is caring…and sometimes I care…

Defendant Larmak sentenced to five years & $2M in restitution;

Which now brings us to the April 7, 2022 Sentencing Hearing and the FINAL JUDGEMENT (see ECF or see my Scribd Account)

Pages 1 & 2 of Defendant Larmak’s Final Judgement

And to be clear the assets forfeited were previously itemized in his Nov 2021 Plea Agreement -but as you’ll note the Court’s final judgment includes the immediate $2M payment of restitution. Which is further itemized on page 4 of the Final Judgment

Again I’ve taken the liberty of uploading Defendant Larmak’s final judgement to my Scribd account. Oh and in case you are wondering: hell YES you should pay attention to the following March 3, 2022 Motion filed by Larmak — I’m taking an educated guess but I think this will remain under seal until such time the Government has arrested and arraigned the other defendants. But I could be wrong, yet I don’t think I am. I suppose only time will tell if my previous assertion is wrong or right.

• SEALED MEMORANDUM IN AID OF SENTENCING ON BEHALF OF DENYS IARMAK by Denys Iarmak re 55 Motion to Seal Document filed by Denys Iarmak

• See FBI FIN-7 infographics, found here

And lastly see the April 7, 2022 DOJ-OPA Release -Which reads in part (which might answer my previous question about South Dakota and Hawaii) because if you read the following paragraph it states “in all 50 states…”

FIN7 successfully breached the computer networks of businesses in all 50 states and the District of Columbia, stealing more than 20 million customer card records from over 6,500 individual point-of-sale terminals at more than 3,600 separate business locations. According to court documents, victims incurred enormous costs that, according to some estimates, exceeded $1 billion dollars. Additional intrusions occurred abroad, including in the United Kingdom, Australia, and France. Companies that have publicly disclosed hacks attributable to FIN7 include such chains as Chipotle Mexican Grill, Chili’s, Arby’s, Red Robin, and Jason’s Deli.  

And lastly I had fully intended on publishing this article on April 8, 2022 but I decided to make an “executive decision” and opted to publish it today —which means I’ll likely be going dark until the beginning of next week.

Incidentally we are currently under a tornado watch and the winds are gusting at over 45MPH -so that means I didn’t go to the Sound for the sunset tonight. And the house has been swaying for hours. And I mean hours. However enjoy this video from October 2021 as your supplemental daily saltwater therapy…

file411_dc

A post shared by File411 (@file411_dc)

Be Well -Filey

And YES I am aware of DOJ’s arrest of Arian Taherzadeh and Haider Ali, and the subsequent raid The affidavit is WILD —see DDC-ECF or see my Scribd Account. Trust me on this read the damn affidavit because it is W-I-L-D and at times mind blowing —

I can’t help but wonder who actually bankrolled Arian Taherzadeh and Haider Ali —and it’s terrible that four members of the US Secret Service have been suspended but I think (as elucidated in the affidavit the two defendants fooled a lot of law enforcement for two years — again the question I have is:

…who bank rolled Arian Taherzadeh & Haider Ali?

I suppose we will find out -sooner better than later.

Comments

[JP]

Goodie gumdrops ... Thanks! "Who's bankrolling?" is THE question in so much of this. I keep wondering this about the Murdoch's in terms of their incentives to focus Fox as they do?

[Jonji]

I now need a personal "murder board". Especially with all the news lately. It will be 3 blocks long. These last two guys really established quite the set-up; USSP has a website and all the legit-looking trappings. Shame on our secret service, after years of scandal 😡 and I, too, want to know who supported it financially. The hacker hopefully rolled more than one or two!!!