The US Department of Justice has charged Aleksandr Derebenetc, also known as “Sasha Novgorod,” and Kirill Shipulin, known as “Kirill Russia,” with two counts of conspiracy to commit computer intrusions. The indictment alleges that Derebenetc and Shipulin hacked the electronic taxi dispatch system at John F. Kennedy International Airport (JFK).

Derebenetc and Shipulin conspired with Daniel Abayev and Peter Leyman, who are US citizens, to hack the dispatch system and move certain taxis to the front of the line in exchange for payment. Abayev pleaded guilty on Monday 30, 2023 to one count of conspiracy to commit computer intrusions, and Leyman pleaded guilty to the same charge on October 4, 2023.

The group explored and attempted various methods to access the dispatch system, including bribing someone to insert a flash drive containing malware into computers connected to the dispatch system, obtaining unauthorized access to the dispatch system via a Wi-Fi connection, and stealing computer tablets connected to the dispatch system.

Between November 2019 and November 2020, the hackers compromised the dispatch system and used the access to move specific taxis to the front of the line, allowing taxi drivers to move up the queue. Abayev and Leyman charged taxi drivers $10 each time they were advanced to the front of the line and transferred part of their profits to Shipulin and Derebenetc.

Abayev and Leyman’s scheme resulted in large numbers of taxi drivers skipping the taxi line. Throughout of the scheme, they enabled as many as 1,000 fraudulently expedited taxi trips a day.

Leyman is scheduled to be sentenced on January 11, 2024, and a sentencing hearing for Abayev is set for February 12, 2024. Derebenetc and Shipulin, both residing in Russia, remain at large.