Three indicted in JPMorgan hacking case

Expanded charges link three men to JPMorgan hack, as well as other incidents

On Tuesday, Manhattan US Attorney Preet Bharara's office unsealed an indictment against three individuals charged with hacking several financial institutions, financial news publishers, and other companies.

In a statement to Reuters, JPMorgan confirmed that the recently unsealed indictment is connected to last year's hack, which impacted 83 million households.

Monday's indictment focuses on Gery Shalon, Joshua Samuel Aaron, and Ziv Orenstein.

In court documents shared with CSO Online, the prosecutors say that between 2012 and 2015, the three pulled off "the largest theft of customer data from a U.S. financial institution in history" by stealing the personal information of more than 100 million people.

The three men were first named earlier this year in an indictment related to stock and trading fraud. In addition to JPMorgan, the group targeted eleven other companies, though the twenty-three count indictment doesn't name the victims.

The indictment overviews how the some of the attacks were conducted, which included social engineering and exploitation of the Heartbleed vulnerability against "one of the world's largest financial services corporations" based in Boston, Massachusetts.

Using a mix of legitimate access provided to customers by the victims, the indictment names Shalon as the core criminal hacker of the group. Court documents say he was responsible for probing the targeted networks vulnerabilities and installing malware to gain additional access.

Data taken from one victim would be used in attacks against the other victims, including securities market manipulation. Later, the indictment says the group considered targeting email accounts owned by top executives and power traders for insider information, because "they have some interesting info in their mail."

The group leveraged servers in Egypt, the Czech Republic, South Africa, and Brazil to run their financial attacks and serve as a clearinghouse for their stolen data.

Based on the charges, each of the three men indicted will face decades behind bars if convicted. In a related case, a separate indictment was unsealed against Anthony Murgio on Tuesday, who is also linked to the JPMorgan hack.

The Manhattan US Attorney is expected to release additional details later this afternoon.

Join the CSO newsletter!

Error: Please check your email address.

More about CSOelevenManhattan

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Steve Ragan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts