Two Russian fugitives have been hit with federal charges for hacking into the dispatch system controlling taxicab hails at John F. Kennedy Airport, authorities said.
Aleksandr Derebenetc (aka Sasha Novgorod), 30, of Nizniy Novgorod, and Kirill Shipulin (aka Kirill Russia), 30, of Moscow, were charged in Manhattan federal court Monday with conspiracy to commit computer intrusions, for which they could each face 10 years behind bars. The government accuses them of repeatedly hacking into JFK’s dispatch system ensuring the orderly flow of taxis picking up fares, and charging drivers a fee to cut them to the front of the line.
Derebenetc and Shipulin are currently suspected to be in Russia. Their two American co-conspirators, 47-year-old Daniel Abayev and 49-year-old Peter Leyman, both of Queens, pleaded guilty to hacking charges this month and are due to be sentenced early next year, facing up to five years imprisonment.
“As alleged in the indictment, these four defendants conspired to hack into the taxi dispatch system at JFK airport,” said Damian Williams, the US Attorney for the Southern District of New York. “Cyber hacking can pose grave threats to infrastructure systems that we rely on every day, and our Office is dedicated to pursuing criminal hackers, whether they be in Russia or here in New York.”
The quartet began hacking into the dispatch system in 2019, using methods like stealing tablets connected to it, bribing employees to expose the system to malware, or simply connecting to it through wifi.
They saw a lucrative money-making opportunity in taking control of dispatching: cabbies picking up fares at JFK must drive into a holding pen and patiently wait their turn to be dispatched to a terminal, in the order they arrived in.
Once they were in, the hackers began charging $10 a pop to cabbies to move them to the front of the line and thus pick up their fare more quickly; the fee was sometimes waived if a cabbie recruited another cabbie into the scheme. The hackers communicated with cabbies in large group chats, soliciting their medallion numbers and then directing them to different terminals.
On days they had successfully hacked into the system, they would message various group chats “Shop open.” When they weren’t able to, they wrote “Shop closed.”
Before the shop was permanently closed in 2021, the hackers were expediting up to 1,000 taxi trips each day, raking in hundreds of thousands of dollars in ill-gotten gains.