back to article Jailed for seven years: Cyber-crook who broke into Big Biz to steal bank card info for FIN7 super-gang

An expert penetration tester working for the notorious cyber-crime gang FIN7 was sent down for seven years on Friday and told to cough up $2.5m for breaking into corporate computer systems. Andrii Kolpakov, 33, a Ukrainian national, was cuffed by authorities in Lepe, Spain, in 2018, and extradited to the US in 2019. He was a …

  1. Anonymous Coward
    Anonymous Coward

    Isn't a multi-year-valid sixteen digit number such a stupid insecure way to manage electronic credit? The credit card industry "scrapes" about 3% of all store retail sale value and puts almost nothing back into R&D. That's criminal too.

    1. Chris G Silver badge

      If it ain't broke, don't fix it!

      All the time the credit card industry is still making a profit, they won't condsider the system is broken.

    2. MachDiamond Silver badge

      It's that 16 digit code, a name, a three/four digit security code and a postal code in addition to an expiration date. The want to add biometrics, but I'm really not keen on having that digitized and stored online. Getting new fingerprints, eyeballs and having one's ears lowered for a new facial recognition profile sounds painful.

      I prefer cash. It works when the power is off. It's anonymous. You can only lose what you have on your person in a robbery and they can't have it off you from the other side of the planet. As soon as money is digitized, The Man or others have a better chance of acquiring it without your consent. I've had my debit card compromised and found out that the bank really didn't care to do anything to help me. What made is worse was that I was out of town at a conference. I had to borrow money from coworkers and withdrawal most of the money from my account when I got home as the bank said it would be 7-10 business days to reissue me a card, two weeks. I learned my lesson and don't rely on banks as much anymore. I always have enough cash for gas and food when traveling so I can get home. I also don't do all of my banking at one bank.

    3. Pascal Monett Silver badge

      Credit card security is improving.

      Here in Europe, I have a OTP token assigned to my credit card. When I make online purchases, I must authenticate and provide the password given by the token at that time.

      Works pretty well and it seems to me that that will very much thwart any miscreant's attempt to fleece me if he ever does manage to snaffle my credit card number somehow.

      Plus, there's the fact that, if I ever do detect suspicious activity on my credit card ledger, I can report it and my bank will block it and send me a replacement credit card at no extra cost.

      1. Anonymous Coward
        Anonymous Coward

        EU is light years ahead of US in terms of card security, magstripe and impression machines is still often used over their and chip and pin is rarely encountered. I just use a prepaid card if I have any business over the pond.

        That said its very relative in terms of security, their are certain brands of chip and pin devices I will not use outside of a lab environment due to flaws in secure channel implementations.

        AC former developer/systems integrator of POS systems

    4. Anonymous Coward
      Anonymous Coward

      Not quite true, the card companies do try and push security, the retailers resist upgrading from magstripe and introducing any speedbumps to purchase like needing to remember pin number as much as anything else

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021