Hacked: Hacking Finance

Three Charged with Masterminding the Single Largest Financial Cyber-Theft in U.S. History


Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.


ChronoPay Looks to Kickstart Bitcoin Adoption in Russia 29th May, 2017

Alleged FBI Hacker Lauri Love Ordered to US Extradition by UK Home Secretary 15th November, 2016


Three Charged with Masterminding the Single Largest Financial Cyber-Theft in U.S. History

Posted on .
This article was posted on Wednesday, 07:54, UTC.

U.S. prosecutors have charged three men in relation to the largest cyber-attack and theft of consumer data from a U.S. financial institution in history.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

JP MorganThree Israeli nationals have been charged with running a sweeping hack and fraud campaign that culminated in a massive breach of multiple financial institutions including JPMogran Chase & Co, the biggest bank by assets in the United States. The breach saw hackers gain access to the personal records of over 100 million people between 2012 and summer 2015.

Reuters reports that Israeli nationals Grey Shalon and Ziv Orenstein along with Joshua Samuel Aaron, a U.S. citizen living between Moscow and Tel Aviv, Israel have all been charged with computer hacking and identity theft among 21 other counts. Aaron is labelled a fugitive while Shalon and Orenstein are in custody in Israel after being arrested in July. The U.S. is looking to extradite the two charged.

The hacking spree is said to cover financial institutions and brokerage firms including Scottrade, JP Morgan Chase and ETrade.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Prosecutors also added the criminal enterprise existed from 2007, with U.S. federal prosecutor Preet Bharara noting “the single largest theft of customer data from a U.S. financial institution ever,” signaling a “brave new world of hacking for profit.”

Security Fraud on Cyber Steroids

According to investigators vested in the case, hackers with a prowess in technical skillsets and social engineering gained access to numerous banks’ networks to gain personal data which was then used to manipulate stock prices. The hacks also targeted financial news organizations, prosecutors said.

With a ‘pump and dump’ technique, the hackers didn’t even need to access bank details. Instead, here’s how the hackers profited:

  • The hackers looked into the personal data of those investing in stocks. It’s a staggering effort, with the three hackers allegedly stealing personal information of over 100 million people over the course of several years.
  • With these details, the hackers socially engineered a scam where information was sent to the email addresses of higher-ups to promote stocks that the hackers bought cheaply.
  • With this manipulation, the stocks would eventually rise at which point the hackers would dump their stocks at a higher price.

To give an indication of the scope of the trio’s operation, the trio laundered their money to an overall haul of $100 million through 75 shell companies, bank accounts and brokerages from around the world. An excerpt from the Justice Department’s press release read:

The defendants controlled these companies and accounts using aliases, and by fraudulently using approximately 200 purported identification documents, including over 30 false passports that purported to be issued by the United States and at least 16 other countries.

Bharara called the massive scale of the operation as “securities fraud on steroids.”

An Illegal Bitcoin Exchange

The sweeping crime had court papers reveal details of an illegal Bitcoin exchange. A fourth person named Anthony R. Murgio was charged after allegedly operating Florida-based Coin.mx, a Bitcoin symbolbitcoin exchange along with Shalon as a means to launder the hackers’ ill-gotten gains.

Also read: Hacker-Aided Insider Trading Ring Nets $100 Million

A government charge further alleges that Shalon owned and controlled Coin.mx that fundamentally operated in violation of federal anti-money laundering laws.

Authorities note the duo found ways to trick credit card companies and banks to authorize payment transactions to purchase Bitcoins through Coin.mx by faking transactions purporting to be something else, like a purchase from a pet supply store.

Bharara explained:

The investigation essentially started with one ‘victim company’ and one hack. And as we dug deeper and used all the investigative tools at our disposal, we were able to unearth the gargantuan scheme that you see in the charges unsealed today.

Images from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?

Receive New Posts on Email:

Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

There are no comments.

View Comments (0) ...
Belgium recently had a court ruling that determined Facebook was…