Advertisement

‘Russian hackers’ help two New York men game JFK taxi system

Operation involved malware loaded onto system computers, unauthorized wi-fi access and stolen equipment, feds say.
Cabs wait in the rain in the big lot at John F. Kennedy Airport in New York. (Michael Trueblood/Getty Images)

A pair of men living in New York, working with unnamed Russian nationals, hacked and manipulated the electronic taxis dispatch system at John F. Kennedy International Airport as part of a money-making scheme over a period of at least two years, federal prosecutors said Tuesday.

Starting in at least September 2019, Daniel Abayev and Peter Leyman ran a pay-to-play system for cabbies who could jump the line instead of idling in a holding lot until hailed by a dispatcher, prosecutors with the Southern District of New York said in a statement. Abayev and Leyman allegedly charged taxi drivers $10 for each time they skipped ahead and gave other drivers waivers from the $10 fee if they recruited more paying drivers.

The duo each face two counts of conspiracy to commit computer intrusions, which carry a maximum sentence of 10 years in prison.

As part of the scheme, the men worked with unidentified “hackers” in Russia to develop malware, prosecutors alleged in the indictment, which was unsealed Tuesday. The men bribed someone to insert a flash drive into computers connected to the system used to dispatch the taxis, the prosecutors said. They also gained unauthorized access to the dispatch system via a Wi-Fi connection, and stole computer tablets connected to the system, according to the indictment.

Advertisement

Prosecutors allege the men knew exactly what they were doing. On Nov. 10, 2019, for instance, Abayev allegedly messaged one of the Russian hackers, in Russian: “I know that the Pentagon is being hacked[.]. So, can’t we hack the taxi industry[?]”

It’s not clear how many taxi rides were gamed this way, but in November 2019 Abayev allegedly messaged Leyman a spreadsheet showing the scheme charged drivers an average of 320 trips per day over a three-day period. The scheme enabled as many as 1,000 taxi rides per day, prosecutors said, and at one point the New York-based pair transferred more than $100,000 to the hackers in Russia and described the payments as “payment for software development” or “payment for services rendered.”

U.S. Attorney Damian Williams said in a statement that “these two defendants — with the help of Russian hackers — took the Port Authority for a ride. For years, the defendants’ hacking kept honest cab drivers from being able to pick up fares at JFK in the order in which they arrived. Now, thanks to this Office’s teamwork with the Port Authority, these defendants are facing serious criminal charges for their alleged cybercrimes.”

AJ Vicens

Written by AJ Vicens

AJ covers nation-state threats and cybercrime. He was previously a reporter at Mother Jones. Get in touch via Signal/WhatsApp: (810-206-9411).

Latest Podcasts