This article is from the source 'nytimes' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.nytimes.com/2015/07/22/business/dealbook/4-arrested-in-schemes-said-to-be-tied-to-jpmorgan-chase-breach.html

The article has changed 3 times. There is an RSS feed of changes available.

Version 1 Version 2
4 Arrested in Schemes Said to Be Tied to JPMorgan Chase Breach 4 Arrested in Schemes Said to Be Tied to JPMorgan Chase Breach
(about 4 hours later)
Authorities have arrested four men in Florida and Israel in connection with a series of investment schemes related to an online attack last summer against JPMorgan Chase, according to people briefed on the matter and court filings. A huge computer attack against JPMorgan Chase last summer may have been more of an attempt to fuel an ongoing pump-and-dump stock scheme rather than an effort to steal financial data from the nation’s biggest bank.
The breach compromised contact information for tens of millions of bank customers. Federal authorities on Tuesday announced the arrest of four men in Florida and Israel in connection with a series of fraudulent investment schemes involving penny stocks and Bitcoin that spanned the globe, from Florida to New York to Israel to Cyprus and Russia.
A series of court filings unsealed on Tuesday did not mention the attack on JPMorgan’s network. Instead, they detailed charges involving a Bitcoin operation and a pump-and-dump stock scheme, a plan involving ransomware on computers and a small New Jersey credit union. But authorities also suspect that some of the men arrested, along with a fifth man charged but still at large, had a hand in last summer’s hacking at JPMorgan that compromised the contact information for 83 million of the bank’s customers, according to people briefed on the matter who spoke on the condition of anonymity.
But the people briefed on the matter said that the four men arrested and another who remains at large in Israel had some involvement in the security breach at JPMorgan Chase, one of the largest ever to hit a major United States bank. None of the five men have been charged with the theft of email addresses and other contact information from the bank or carrying out the hacking.
Federal investigators were onto some of the names of the hackers at JPMorgan early on because the attack was not very sophisticated. It succeeded largely because the bank failed to properly put updates on a remote server that was part of its vast digital network. But investigators were unable to get sufficient evidence to charge any suspected hackers, said one of the people briefed on the matter. Still, authorities are hoping that some of the defendants will seek to cooperate with the investigation and provide prosecutors with enough evidence to also file charges over the hacking one of the largest ever targeting a United States bank.
The investigators then decided to see what other illegal activities the hackers were up to and that eventually led to the discovery of the pump-and-dump stock scheme. The investigation feared that the tens of millions of email addresses that were stolen from the bank would eventually be used to send out spam emails to potential buyers of penny stocks, helping the defendants further their pump-and-dump scheme. A series of court filings unsealed by federal prosecutors in Manhattan did not mention the attack on JPMorgan’s vast network that went on for several months before it was discovered in late July. Rather, the court filings detailed charges involving a multiyear campaign to drive up the price of worthless penny stocks by pitching them to unsuspecting investors through millions of spam emails.
The person briefed on the matter said the hackers involved in a variety of different schemes, including one that involved putting so-called ransomware on computers and demanding payment in Bitcoin to unfreeze the files on a computer. One of the people briefed on the matter said he believed that the defendants had intended to use some of the email addresses obtained in the JPMorgan hacking to find other people who could be persuaded to invest in otherwise worthless stocks.
The three men charged in the stock scheme are Gery Shalon and Ziv Orenstein, both of Israel, and Joshua Samuel Aaron, an American citizen who lived in both Israel and the United States. Mr. Shalon and Mr. Orenstein were arrested in Israel by police there. Mr. Aaron remains at large. Still another scheme involved an unlicensed money-transfer operation used by criminals to cash in Bitcoin paid by people to get malicious software removed from their computers. The perpetrators of that scheme sought to hide their illegal activities by taking control of a small New Jersey credit union.
It is not clear how the five men came to know each other or how the schemes were related.
A JPMorgan spokeswoman declined to comment on the arrests. The bank has said the breach did not compromise customer financial information or sensitive personal information like Social Security numbers.
The two men charged and arrested in Florida, Anthony Murgio and Yuri Lebedev, both attended Florida State University, according to their LinkedIn pages. The men were charged with running an illegal money-transfer operation that converted the digital currency Bitcoin into cash for online criminals.
Information about their lawyers could not be learned late Tuesday.
Less is known about the three Israel residents charged with running a pump-and-dump stock scheme that dates back to at least 2011. Two of the men, Gery Shalon and Ziv Orenstein, were arrested in Israel. United States prosecutors said they would seek to extradite them. A third man, Joshua Samuel Aaron, an American citizen who lives in both Israel and the United States, was charged but remains at large.
In a criminal indictment, Mr. Aaron was described as a frontman for the pump-and-dump schemes who went by the alias “Mike Shields” and communicated with unidentified stock promoters in the United States at Mr. Shalon’s direction. Prosecutors contend the investment schemes made millions of dollars for the men, who laundered their money through bank accounts for a Cyprus-based shell company that had no actual business.
The Securities and Exchange Commission filed its own civil lawsuit against Mr. Shalon, Mr. Orenstein and Mr. Aaron.
Information about their lawyers could not be learned.
Soon after the hacking was discovered at JPMorgan, agents with the Federal Bureau of Investigation determined the attack was not particularly sophisticated even though the bank’s security people had argued otherwise. The hacking succeeded largely because the bank failed to properly put updates on a remote server that was part of its vast digital network.
Early on, federal authorities had identified some of the five men as being involved in the hacking but did not have enough evidence to charge them, said the people briefed on the matter.
So authorities began investigating them for other possible acts of wrongdoing and discovered the pump-and-dump scheme and the illegal money-transfer operation.
It is not clear if any of the email addresses stolen from JPMorgan were used by the defendants to further one of their penny stock schemes.
Preet Bharara, the United States attorney in Manhattan, said in a statement: “As alleged, the defendants manipulated trading in U.S. securities from overseas, using fake identities to funnel millions of dollars in unlawful proceeds through a web of international shell companies. Using false and misleading spam emails sent to millions of people, these defendants allegedly directed their pump-and-dump scheme from their computers halfway around the world.”Preet Bharara, the United States attorney in Manhattan, said in a statement: “As alleged, the defendants manipulated trading in U.S. securities from overseas, using fake identities to funnel millions of dollars in unlawful proceeds through a web of international shell companies. Using false and misleading spam emails sent to millions of people, these defendants allegedly directed their pump-and-dump scheme from their computers halfway around the world.”
Two other men, Anthony Murgio and Yuri Lebedev, were arrested in Florida and charged in two separate complaints with unlicensed money transmitting. The attack on JPMorgan garnered major headlines and attention last year because of the number of people affected and a theory that it may have been tied to Russian gangs, with possible ties to the Russian government. Federal authorities, however, quickly ruled out the Russian government as a suspect, as well as the possibility of direct ties to Russian gangs. The court filings on Tuesday, however, suggest some loose connection to Russia.
The attack on JPMorgan was initially believed to have been tied to Russian gangs, with possible ties to the Russian government. Federal authorities, however, quickly ruled out the Russian government as a suspect, as well as the possibility of direct ties to Russian gangs. The court filings on Tuesday, however, suggest some loose connection. The attack on the bank was discovered somewhat by accident. In July, security employees of the bank learned that the website for the JPMorgan Corporate Challenge, a charitable race organized by the bank, had been hacked and compromised. The website is run by an outside vendor for the bank. But information gleaned from the hacking on the racing website pointed back to a bigger problem with the bank’s own network.
A JPMorgan spokeswoman declined to comment on the arrests. The bank has said the breach did not compromise customer financial information or sensitive personal financial information After that, the bank discovered its own breach. While the hacking itself was not said to be sophisticated, it went on long enough to give the hackers access to 90 servers.
Federal authorities in New York had made the JPMorgan attack a priority investigation, and in the spring, some investigators were expressing confidence in private that they expected to announce some arrest by the summer if not earlier. JPMorgan says it spends $250 million a year on online security and intends to double that amount.
Federal authorities in New York had made the JPMorgan attack a priority investigation because the bank is a critical component of the nation’s financial system. The hackers had tried to infiltrate nearly a dozen other financial institutions but were less successful. By the spring, some investigators were expressing confidence in private that they expected to announce some arrests by the summer if not earlier.
Much of the JPMorgan investigation for Mr. Bharara’s office was overseen by Nicole Friedlander, a chief of the online crimes division, who was working while out on maternity leave for several months, said people briefed on the matter.Much of the JPMorgan investigation for Mr. Bharara’s office was overseen by Nicole Friedlander, a chief of the online crimes division, who was working while out on maternity leave for several months, said people briefed on the matter.
It remains to be seen whether prosecutors working with the F.B.I. can get any of those arrested to provide the evidence they need to bring charges for the hacking as well.