Two men hacked into JFK airport taxi system so they could charge cabbies to cut the line

ABAYEV and LEYMAN, who are United States citizens living in Queens, New York, and Russian nationals living in Russia (the “Russian Hackers”), engaged in a scheme (the “Hacking Scheme”) to hack the Dispatch System at JFK beginning at least in September 2019 and continuing at least through September 2021. The Russian Hackers were located in Russia.

Taxi drivers who wanted to pick up a fare at JFK were forced to wait in a waiting lot at JFK until they were directed to a particular terminal by the Dispatch System at any time that was relevant. Taxi drivers were often obliged to wait in the waiting lot for many hours before being sent to a terminal. They were sent to the terminals in roughly the same order in which they arrived at the holding lot.

Beginning in 2019, ABAYEV and LEYMAN investigated and experimented with a variety of methods for gaining access to the Dispatch System. These methods included attempting to bribe someone to insert a flash drive containing malware into computers connected to the Dispatch System, obtaining unauthorized access to the Dispatch System via a Wi-Fi connection, and stealing computer tablets that were connected to the Dispatch System. In addition, the participants in the Hacking Scheme communicated with one another via the use of messages, in which they were clear about their desire to hack the Dispatch System. For instance, ABAYEV sent the following communication to one of the Russian Hackers in Russian on or around November 10, 2019: “I know that the Pentagon is being hacked[.].” So, why can’t we break into the taxi business [?]”

ABAYEV and LEYMAN, together with the assistance of other people, were able to effectively hack into the Dispatch System at different occasions between November 2019 and November 2020. They utilized their illegal access to make changes to the Dispatch System and bring select taxis to the head of the line. This allowed the drivers of those taxis to leapfrog other taxi drivers who were waiting in line for their turn. Taxi drivers were required to pay ABAYEV and LEYMAN a fee of ten dollars each time they were moved to the head of the queue. Taxi drivers heard through word of mouth that they could avoid waiting in line for a taxi by paying $10 to members of the Hacking Scheme. Members of the Hacking Scheme offered some taxi drivers a waiver of the $10 fee to skip the taxi line in exchange for recruiting other taxi drivers to pay the $10 fee to avoid waiting in line for a taxi. In order to connect with cab drivers, the Hacking Scheme used both huge group chat threads as well as individual chats. For instance, whenever the Hacking Scheme got access to the Dispatch System over the course of the day, a member of the Hacking Scheme would send a message to the group chat threads stating, “Shop open.” ABAYEV also sent messages to large numbers of cab drivers via the chat threads, directing them on how to conceal their use of trips acquired through the Hacking Scheme from law enforcement. These instructions included the following examples:


At no point should you wait in line at the gas station at JFK.

I ask that you kindly refrain from going around the Central Taxi Hold Lot.

It is requested that you do not wait at the Rockway av.

You have to use extreme caution at all times.

As a direct consequence of ABAYEV and LEYMAN’s approach, a significant number of taxi drivers were able to bypass the taxi queue. During the course of the scam, they were responsible for as many as one thousand fraudulently accelerated cab rides every single day.

The unsealing of an indictment charging DANIEL ABAYEV and PETER LEYMAN with two counts of conspiracy to commit computer intrusions was announced by Damian Williams, the United States Attorney for the Southern District of New York, and John Gay, the Inspector General of the Port Authority of New York and New Jersey (the “Port Authority”). Both of these individuals work for the Port Authority of New York and New Jersey. The indictment alleges that ABAYEV and LEYMAN broke into the John F. Kennedy International Airport’s (abbreviated as “JFK”) computerized taxi dispatch system (referred to as the “Dispatch System”). At John F. Kennedy International Airport, taxi drivers are obliged to wait in a holding lot before they may be sent to pick up a fare. Through the use of a computerized system, cabs are sent out for service in the same sequence in which they arrived. ABAYEV and LEYMAN were involved in a criminal conspiracy with citizens of Russia to hack the Dispatch System in order to expedite the service of particular taxis in return for monetary compensation. The arrests of ABAYEV and LEYMAN took place this morning in the borough of Queens, New York, and they are scheduled to be brought before United States Magistrate Judge Gabriel W. Gorenstein this afternoon.

The United States Attorney for the District of Maryland, Damian Williams, said that “As claimed in the indictment, these two defendants – with the assistance of Russian hackers – took advantage of the Port Authority.” Hacking conducted by the defendants made it impossible for honest taxi drivers to pick up passengers at JFK Airport in the sequence in which they arrived over a period of years. These individuals are now facing significant criminal charges for their alleged involvement in cybercrimes, owing in large part to the collaborative efforts of our Office and the Port Authority.

Both ABAYEV, age 48, and LEYMAN, both aged 48, are residents of Queens, New York, and each face two charges of conspiracy to conduct computer intrusion. The allegations entail a possible maximum punishment of ten years in jail if found guilty.

Source link