Four men in Florida and Israel were recently arrested in connection with last year's massive data breach at JPMorgan Chase, and a fifth man was charged but remains at large, The New York Times reports.
According to the Times, the breach appears to have been aimed specifically at fueling a series of fraudulent investment schemes involving penny stocks and Bitcoin. An unidentified source told the Times the defendants had planned to use email addresses stolen from JPMorgan to target potential investors in penny stocks.
Anthony Murgio and Yuri Lebedev were charged in Florida in connection with an operation converting Bitcoin into cash; and Israeli residents Gery Shalon, Ziv Orenstein and Joshua Samuel Aaron were charged with running a pump-and-dump stock scheme. Aaron remains at large.
"As alleged, the defendants manipulated trading in U.S. securities from overseas, using fake identities to funnel millions of dollars in unlawful proceeds through a web of international shell companies," Manhattan U.S. Attorney Preet Bharara said in a statement. "Using false and misleading spam e-mails sent to millions of people, these defendants allegedly directed their pump-and-dump scheme from their computers halfway around the world."
Despite the bank's statements to the contrary, FBI agents determined that the JPMorgan hack wasn't particularly sophisticated, and succeeded only because the bank had failed to update a remote server.
And despite initial statements linking the attack to Russian hackers, the Times reports that federal authorities quickly determined that the Russian government and Russian gangs weren't involved.
Still, Bloomberg notes that Murgio began spending time in Russia around the time of the JPMorgan attack, as well as an earlier attack on Fidelity.
Securonix chief scientist Igor Baikalov told eSecurity Planet by email that the news should serve as a reminder of the increasing complexity of digital crime. "It's no longer a simple hit-and-run, like account hijacking or indiscriminate spam," he said. "Now it's an elaborate multi-layered, multi-stage fraud scheme that requires a team of criminal specialists to carry out."
"With the fully functioning underground market for malware kits, botnet rental, money mules, and exploit-as-a-service offerings, bank robbers of digital age enjoy collaboration, component reuse, and division of labor," Baikalov added. "The latter makes already challenging attribution of the attack even more difficult: the fact that the network connections originated in one geographic locale or that financial transactions were traced to another one does not necessarily point to the perpetrators, but most likely to various parts of the distributed infrastructure whose legitimate owners might not be even aware of the attack."
A recent eSecurity Planet article examined the challenges of fighting cybercrime.