
SecurityWeek

JPMorgan Hackers Plead Guilty

Two Israeli citizens, arrested in Israel in July 2015 and extradited to the US this week, pleaded guilty Thursday to orchestrating a computer hacking and fraud scheme that included, but was not limited to, the theft of personal information on 83 million customers from JPMorgan.

Gary Shalon and Ziv Orenstein entered their pleas in Manhattan federal court. A third defendant, Joshua Aaron, was not present.

Prosecutors said that the current whereabouts of Aaron is unknown, although the Wall Street Journal has suggested, “Mr. Aaron, a U.S. citizen, has since been arrested in Russia and is expected to be brought to the U.S., according to people familiar with the matter.” WSJ is one of 12 companies allegedly targeted by the defendants.

The best known of the attacks was against JPMorgan, which announced in October 2014 that it had been breached with the loss of personal information on 76 million household customers and seven million businesses. In all, more than 100 million people’s personal information was stolen by the gang allegedly led by the defendants. At the time, JPMorgan thought there may have been Russian government involvement.

This data was used to further other illegal practices, including pump-and-dump email scams, online casinos and the operation of an unlicensed money laundering bitcoin exchange. The charges brought in New York carry possible prison sentences of between two and 20 years each.

A separate but related indictment unveiled in Atlanta against Shalon and Aaron claims that the brokerages E*Trade and Scottrade were also targeted, and that the information of 10 million customers was compromised.

At the time of the arrests in Israel, Anthony Murgio and Yuri Lebedev were arrested and charged in New York for operating the Coin.mx bitcoin exchange, and using it to launder bitcoin proceeds from ransomware. The FBI released a statement that said, “In doing so, Murgio, and his co-conspirators knowingly enabled the criminals responsible for those attacks to receive the proceeds of their crimes, yet, in violation of federal anti-money laundering laws, Murgio never filed any suspicious activity reports regarding any of the transactions.”

Although these are separate indictments, it is generally considered that they are related. Murgio and Aaron were apparently friends at Florida State University. Both made frequent trips to Russia, and it has been suggested that there was involvement with the Russian underground. It may have been this Russian connection that led JPMorgan to initially link its breach with the Russian government.

*Updated

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
