In an indictment unsealed by the U.S. Department of Justice (DoJ) on Aug. 1, 2018, three Ukrainian nationals have been charged with conspiracy, wire fraud, computer hacking, access device fraud and aggravated identity theft. Dmytro Fedorov, 44, Fedir Hladyr, 33, and Andrii Kopakov, 30, are suspected to be key members within CARBON SPIDER’s point of sale (POS) subgroup.
The arrests took place between January and June 2018, and coincided with a slowdown in CARBON SPIDER activity. The DoJ announcement also details the group’s use of a front company, named Combi Security, to recruit developers and intrusion specialists for its operations. Given that other members of this subgroup remain at large, it is likely that the tactics, techniques and procedures (TTPs) may change but activity will continue.