Three men charged with largest cyber hacking scheme in US history

The hacking allegedly included the theft of data from JP Morgan Chase

Andrew Buncombe
New York
Wednesday 11 November 2015 19:48 GMT
The hacking allegedly included the theft of data from JP Morgan Chase
The hacking allegedly included the theft of data from JP Morgan Chase (Reuters)

Support truly
independent journalism

Our mission is to deliver unbiased, fact-based reporting that holds power to account and exposes the truth.

Whether $5 or $50, every contribution counts.

Support us to deliver journalism without an agenda.

Louise Thomas

Louise Thomas


It was, according to prosecutors, nothing less than a massive computer hacking ring that targeted the data of countless millions of people around the world.

Three men - two in custody, the third still at large - allegedly bragged about their ability to hack into some of the supposedly most protected networks on the planet and “perpetrate one of the largest thefts of financial-related data in history”. Among their targets was the US’s biggest bank - JPMorgan Chase & Co.

Asked if US citizens were likely to buy stocks that could be manipulated, one of the trio responded: “It’s like drinking freaking vodka in Russia.”

This was the sprawling scenario outlined by prosecutors in the US who have claimed the three men stole the data of hundreds of millions of people from dozens of companies. They then sold this data to a network of accomplices and made hundreds of millions of dollars in illegal profits.

“It is no longer hacking merely for a quick pay-out, but hacking to support a diversified criminal conglomerate,” said federal prosecutor Preet Bharara, as charges were announced in New York on Tuesday.

“This was hacking as a business model. The alleged conduct also signals the next frontier in securities fraud - sophisticated hacking to steal non-public information.”

Prosecutors have charged three men, two men currently held in Israel and one US citizen believed to be living in Moscow, with crimes ranging from conspiracy to commit computer hacking, wire fraud and money laundering. The charges carry sentences of up to 20 years in jail.

The three men charged were Gery Shalon, 31, of Savyon, Israel, Ziv Orenstein, 40, of Bat Hefer, Israel, and Joshua Samuel Aaron, 31, a US citizen living in Moscow and Tel Aviv.

The three men used a variety of aliases and false identifies, prosecutors said. Mr Shalon alone also went as “Garri Shalelashvili”, “Gabriel”, “Gabi”, “Phillipe Mousset”, and “Christopher Engeham”.

Reports said that all three men were charged in July with related crimes, though the hacking crimes were not specified then. Mr Aaron was labeled a fugitive while Mr Orenstein and Mr Shalon were arrested in Israel in July. Mr Bharara said the US was currently seeking their extradition.

It is not known whether they have secured lawyers or whether any plea has been entered.

“As set forth in these indictments, these three defendants perpetrated one of the biggest thefts of financial-related data in history - making off with the sensitive material of literally thousands of hard-working Americans,” said US Attorney General Loretta Lynch.

“In an age when enormous quantities of vital information are stored in digital format on potentially vulnerable internet-connected devices, public-private praetorships and information-sharing are more important than ever.”

The hacking allegedly included the theft of data from JP Morgan Chase
The hacking allegedly included the theft of data from JP Morgan Chase (Reuters)

Graham Cluley, a British security expert said it was clear that the scope of the alleged hacking operation was behind the ordinary. It was not, he said, simply like taking the information of people’s credit cards.

“What happened here was essentially stock market fraud. It’s about stealing information about company news, results,” he told The Independent.

“Getting such things like news in advance gave them the potential to make money that was enormous.”

One of the biggest thefts of data allegedly carried out by the men took place last summer when they targeted JP Morgan’s networks and obtained the contact information of more than 83 million customers. It was done by making use of a computer server based in Egypt.

“We appreciate the strong partnership with law enforcement in bringing the criminals to justice, said Trish Wexler, a bank spokeswoman.

“As we did here, we continue to cooperate with law enforcement in fighting cybercrime.”

Prosectors said the hacking enterprise began in 2007 and allegedly including the pumping up of stock prices, online casinos, payment processing for criminals, an illegal bitcoin exchange, and the laundering of money through at least 75 shell companies and accounts around the world.

In additional to financial institutions, the hacking also targeted financial services corporations and financial news publishers, among them Dow Jones & Co.

The indictment said some of the massive computer hacks and cyberattacks occurred as the men sought to steal the customer base of competing Internet gambling businesses or to secretly review executives’ emails in a quest to cripple rivals, Reuters said.

Authorities said they used about 200 fake identity documents, including over 30 fake passports supposedly issued by the United States and at least 16 other countries, as they operated their criminal schemes and laundered the proceeds.

Prosecutors also revealed details of what they said were intercepted communications between the three men.

Mr Shalon allegedly bragged about the size and scope of his schemes to manipulate stock prices, describing how he used stolen data. His profit-reaping sale of shares in one company was “a small step towards a large empire. We buy them very cheap, perform machinations, then play with them.”

When he was asked about the danger of being detected by US authorities, he said: “In Israel, you guys probably don’t have to be afraid of the USA…meaning that even if there is some case, they won't be able to do anything?”

Mr Shalon also allegedly told Mr Aaron that the hack of one of the companies had succeeded, saying they had gotten “probably 9 million unique” customer records. He told Aaron: “We got what you wanted, so now show me how WE make out of it ($100 million) a year.”

Prosecutors said the scale of the hacking enterprise was “swirling”.

“The sad truth is that to date, complex cybercrimes like these tend to go unsolved and the criminals tend to go unprosecuted. More often than not, the trail goes cold and the perpetrators get off," said Mr Bharara.

“We believe we've changed that narrative and this case is game-changing proof."

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in