Ukrainian Fedir
Hladyr, a FIN7 operator, pleaded guilty in a U.S. district court Wednesday to
conspiracy to commit computer hacking and wire fraud.

The 34-year-old Hladyr, who has been in custody since his
January 2018 arrest
in Dresden, Germany for serving as an administrator of the hacking group under
the cover of front company called Combi Security, copped a deal with
prosecutors in which, a Cyberscoop report
said, he’d see no more than 25 years in prison.

He had originally faced 26 counts for his participation
in campaigns that nicked more than $1 billion from 100 banks in 30 countries in
a 2014 string of point-of-sale (POS) attacks that targeted U.S. restaurant
chains, including Wendy’s, Chipotle and Red Robin. In 2017 researchers
discovered a Carbanak, aka FIN7,
backdoor malware
looking to steal screenshots and passwords.

Dubbed
Bateleur, the malware spread via phishing emails purporting to contain
information on a previously discussed check and sent form an Outlook.com account.