Two Men Arrested For Conspiring With Russian Nationals To Hack The Taxi Dispatch System At JFK Airport

Damian Williams, the United States Attorney for the Southern District of New York, and John Gay, the Inspector General of the Port Authority of New York and New Jersey (the “Port Authority”), announced the unsealing of an Indictment charging DANIEL ABAYEV and PETER LEYMAN with two counts of conspiracy to commit computer intrusions.  The Indictment charges that ABAYEV and LEYMAN hacked the electronic taxi dispatch system (the “Dispatch System”) at John F. Kennedy International Airport (“JFK”).  Taxi drivers are required to wait in a holding lot at JFK before they are dispatched to pick up a fare.  A computer system ensures that taxis are dispatched in the order in which they arrived.  ABAYEV and LEYMAN conspired with Russian nationals to hack the Dispatch System and move certain taxis to the front of the line, in exchange for payment.  ABAYEV and LEYMAN were arrested this morning in Queens, New York, and will be presented this afternoon before United States Magistrate Judge Gabriel W. Gorenstein.

U.S. Attorney Damian Williams said: “As alleged in the indictment, these two defendants — with the help of Russian hackers — took the Port Authority for a ride.  For years, the defendants’ hacking kept honest cab drivers from being able to pick up fares at JFK in the order in which they arrived.  Now, thanks to this Office’s teamwork with the Port Authority, these defendants are facing serious criminal charges for their alleged cybercrimes.”

Port Authority Inspector General John Gay said: “This sophisticated, internationally coordinated conspiracy allegedly targeted hard-working taxi drivers trying to earn an honest living.  The Port Authority has zero tolerance for bad actors violating the law at our facilities.  We thank Damian Williams and the Southern District for their partnership as we continue our relentless commitment to detecting and disrupting illegal behavior at our facilities across the region.”

As alleged in the Indictment:[1]

From at least September 2019 through September 2021, ABAYEV and LEYMAN, who are U.S. citizens residing in Queens, New York, and Russian nationals residing in Russia (the “Russian Hackers”), engaged in a scheme (the “Hacking Scheme”) to hack the Dispatch System at JFK.

At all relevant times, taxi drivers who sought to pick up a fare at JFK were required to wait in a holding lot at JFK before being dispatched to a specific terminal by the Dispatch System.  Taxi drivers were frequently required to wait several hours in the lot before being dispatched to a terminal and were dispatched in approximately the order in which they arrived at the holding lot.

Beginning in 2019, ABAYEV and LEYMAN explored and attempted various mechanisms to access the Dispatch System, including bribing someone to insert a flash drive containing malware into computers connected to the Dispatch System, obtaining unauthorized access to the Dispatch System via a Wi-Fi connection, and stealing computer tablets connected to the Dispatch System.  The members of the Hacking Scheme also sent messages to each other in which they explicitly discussed their intention to hack the Dispatch System.  For example, on or about November 10, 2019, ABAYEV messaged the following to one of the Russian Hackers in Russian: “I know that the Pentagon is being hacked[.].  So, can’t we hack the taxi industry[?]”

At various times between November 2019 and November 2020, ABAYEV and LEYMAN, working with others, successfully hacked the Dispatch System.  They used their unauthorized access to alter the Dispatch System and move specific taxis to the front of the line, thereby allowing drivers of those taxis to skip other taxi drivers waiting in the line.  ABAYEV and LEYMAN charged taxi drivers $10 each time they were advanced to the front of the line.  Taxi drivers learned that they could skip the taxi line by paying $10 to members of the Hacking Scheme through word of mouth, and members of the Hacking Scheme offered some taxi drivers waivers of the $10 fee in exchange for recruiting other taxi drivers to pay the $10 fee to skip the taxi line.  The Hacking Scheme also used large group chat threads in order to communicate with taxi drivers.  For example, when the Hacking Scheme had access to the Dispatch System for the day, a member of the Hacking Scheme would message the group chat threads, “Shop open.”  ABAYEV also sent messages to large groups of taxi drivers on the chat threads instructing them how to avoid detection by law enforcement when using trips purchased from the Hacking Scheme, such as the following:

DEAR  DRIVERS  !!!! PLEASE !!!!

Do not wait at the gas station in JFK

Please do not go around the CTH [Central Taxi Hold] Lot

Please do not wait at Rockway av

You have to be very very carefully

ABAYEV and LEYMAN’s scheme resulted in large numbers of taxi drivers skipping the taxi line.  Over the course of the scheme, they enabled as many as 1,000 fraudulently expedited taxi trips a day.

*                *                *

ABAYEV, 48, and LEYMAN, 48, both of Queens, New York, are each charged with two counts of conspiracy to commit computer intrusion.  The charges carry a maximum sentence of 10 years in prison.

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendants will be determined by a judge.

Mr. Williams praised the outstanding work of the Port Authority Office of the Inspector General.  Mr. Williams also thanked Homeland Security Investigations for their assistance in the investigation.

The case is being prosecuted by the Office’s Complex Frauds and Cybercrime Unit. Assistant U.S. Attorneys Kevin Mead and Steven J. Kochevar are in charge of the prosecution.

The charges contained in the Indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.