Two Russian cybercriminals accused of JFK taxi dispatch hack

Two Russian cybercriminals accused of JFK taxi dispatch hack

The US Department of Justice has charged Aleksandr Derebenetc, also known as “Sasha Novgorod,” and Kirill Shipulin, known as “Kirill Russia,” with two counts of conspiracy to commit computer intrusions. The indictment alleges that Derebenetc and Shipulin hacked the electronic taxi dispatch system at John F. Kennedy International Airport (JFK).

Derebenetc and Shipulin conspired with Daniel Abayev and Peter Leyman, who are US citizens, to hack the dispatch system and move certain taxis to the front of the line in exchange for payment. Abayev pleaded guilty on Monday 30, 2023 to one count of conspiracy to commit computer intrusions, and Leyman pleaded guilty to the same charge on October 4, 2023.

The group explored and attempted various methods to access the dispatch system, including bribing someone to insert a flash drive containing malware into computers connected to the dispatch system, obtaining unauthorized access to the dispatch system via a Wi-Fi connection, and stealing computer tablets connected to the dispatch system.

Between November 2019 and November 2020, the hackers compromised the dispatch system and used the access to move specific taxis to the front of the line, allowing taxi drivers to move up the queue. Abayev and Leyman charged taxi drivers $10 each time they were advanced to the front of the line and transferred part of their profits to Shipulin and Derebenetc.

Abayev and Leyman’s scheme resulted in large numbers of taxi drivers skipping the taxi line. Throughout of the scheme, they enabled as many as 1,000 fraudulently expedited taxi trips a day.

Leyman is scheduled to be sentenced on January 11, 2024, and a sentencing hearing for Abayev is set for February 12, 2024. Derebenetc and Shipulin, both residing in Russia, remain at large.


Back to the list

Latest Posts

Cyber Security Week in Review: June 20, 2025

Cyber Security Week in Review: June 20, 2025

In brief: the Langflow, TP-Link and Zyxel flaws exploited in the wild, Russian hackers use ASPs to infiltrate victims’ email accounts, and more
20 June 2025
Russian-linked hackers exploit Google App passwords in email espionage campaign

Russian-linked hackers exploit Google App passwords in email espionage campaign

Victims were tricked into creating and sharing ASPs under the mistaken belief that they are enabling secure communication with the US Department of State.
19 June 2025
FBI-wanted member of ransomware gang arrested in Ukraine, extradited to the US

FBI-wanted member of ransomware gang arrested in Ukraine, extradited to the US

Using custom-developed malware, including ransomware such as LockerGoga, MegaCortex, HIVE and Dharma, the hackers encrypted data on corporate networks.
18 June 2025