Gas pump

Russian authorities have arrested Denis Zayev in Stavropol, Russia, on accusations of defrauding countless of car owners with malware installed on gas pumps all over southern Russia.

According to Russian news outlets [1, 2], Zayev developed malware that he installed on the IT systems at gas stations.

Investigators say the software ran on both gas pumps and cash registries and allowed Zayev and fellow partners to steal between 3% to 7% of fuel pumped into customer cars at affected gas stations.

Zayev allegedly wrote and deployed the software with approval from gas station operators. The scheme was both simple and incredibly ingenious.

How the scheme worked

Operators would leave a gas tank empty at the start of each gas fraud cycle. When customers came to refuel cars, the malware on the gas pump would redirect between 3% to 7% of the fuel customers bought to the empty gas tank.

Customers would remain unaware of this redirection, as the gas pump showed the full details, while the cash register would issue a receipt for both the gas that ended up in the car's tank, but also the hidden gas station tank.

Whenever this empty gas tank would fill up, gas station operators would put the gas inside up for sale. The malware aided again, helping operators disguise transactions.

FSB agents said Zayev sold this malicious program to gas station operators, but was also a partner in many of these schemes, receiving a cut from the stolen and resold gas.

Zayev's malware was undetectable

Agents also said the malware was undetectable during inspections from both gas station employees and law enforcement officials.

The FSB did not reveal how they discovered Zayev's scheme but said they found his malware at gas stations in the Russian territories of Stavropol, Adygea, Krasnodar, Kalmykia, and several regions in North Caucasus.

Russian officials charged Zayev on charges of fraud on a large scale and creation and use of malicious programs. A court ruled he must remain in detention for the time being.

Related Articles:

Necurs Botnet Pushing New Marap Malware

5 Examples of How Cheating in Fortnite Gets You Infected

Massive Malvertising Campaign Discovered Attempting 40,000 Infections per Week

Android Apps Infected With Windows Keylogger Removed From Google Play Store

SamSam Ransomware Crew Made Nearly $6 Million From Ransom Payments