Posts Tagged: Gery Shalon

Nov 15

JPMorgan Hackers Breached Anti-Fraud Vendor G2 Web Services

Buried in the federal indictments unsealed this week against four men accused of stealing tens of millions of consumer records from JPMorgan Chase and other brokerage firms are other unnamed companies that were similarly victimized by the accused. One of them, identified in the indictments only as “Victim #12,” is an entity that helps banks block transactions for dodgy goods advertised in spam. Turns out, the hackers targeted this company so that they could more easily push through payments for spam-advertised prescription drugs and fake antivirus schemes.

According to multiple sources, Victim #12 is none other than Bellevue, Wash.-based G2 Web Services LLC, a company that helps banks figure out if a website is fraudulent or is selling contraband. G2 Web Services has not responded to multiple requests for comment.

In the final chapters of my book, Spam Nation: The Inside Story of Organized Cybercrime, I detailed the work of The International AntiCounterfeiting Coalition (IACC), a non-profit organization dedicated to combating product counterfeiting and piracy.

In 2011, G2 Web Services landed a contract to help the IACC conduct “test buys” at sites with products that were being advertised via spam. The company would identify which banks (mostly in Asia) were processing payments for these sites, and then Visa and MasterCard would rain down steep fines on the banks for violating their contracts with the credit card companies. The idea was to follow the money from schemes tied to cybercrime, deter banks from accepting funds from fraudulent transactions, and make it difficult for spammers to maintain stable credit card processing for those endeavors.

Prosecutors say the ringleader of the cybercrime gang accused of breaking into JPMC, Scottrade, E-Trade and others is 31-year-old Gery Shalon, a resident of Tel Aviv and Moscow. Investigators allege Shalon and his co-conspirators monitored credit card transactions processed through their payment processing business to attempt to discern which, if any, were undercover transactions made on behalf of credit card companies attempting to identify unlawful merchants. The government also charges that beginning in or about 2012, Shalon and his co-conspirators hacked into the computer networks of Victim-12 (G2 Web Services).

Shalon and his gang allegedly monitored Victim-12’s detection efforts, including reading emails of Victim-12 employees so they could take steps to evade detection.

“In particular, through their unlawful intrusion into Victim-12’s network, Shalon and his co-conspirators determined which credit and debit card numbers Victim-12 employees were using to make undercover purchases of illicit goods in the course of their effort to detect unlawful merchants,” Shalon’s indictment explains. “Upon identifying those credit and debit card numbers, Shalon and his co-conspirators blacklisted the numbers from their payment processing business, automatically declining any transaction for which payment was offered through one of those credit or debit card numbers.”

Nov 15

Arrests in JP Morgan, eTrade, Scottrade Hacks

U.S. authorities today announced multiple indictments and arrests in connection with separate hacking incidents that resulted in the theft of more than 100 million customer records from some of the nation’s biggest financial institutions and brokerage firms, including JP Morgan Chase, E*Trade and Scottrade.

Prosecutors in Atlanta and New York unsealed indictments against four men and one unnamed alleged co-conspirator in connection with a complex, sprawling scheme to artificially manipulate the price of certain publicly traded U.S. stocks.

The defendants are accused of hacking into JPMorgan Chase in 2014, stealing the names, addresses, phone numbers and email addresses of the holders of some 83 million accounts at the financial institution – a breach that the Justice Department has dubbed the “largest theft of customer data from a U.S. financial institution in history.” Scottrade announced a similar breach of 4.6 million customer records in October 2015. E*Trade last month warned 31,000 customers that their contact information may have been breached.

The men allegedly laundered hundreds of millions of dollars from the scheme via a vast cybercrime network that included illegal online pharmacies, fake antivirus or “scareware” schemes, Internet casinos and even a Bitcoin exchange.

Indictments from Atlanta U.S. Attorney John Horn name Gery Shalon, 31, a resident of Tel Aviv and Moscow, who was arrested by Israeli law enforcement in Savyon, Israel in July 2015 and remains in custody there pending extradition proceedings. Another man, Joshua Samuel Aaron, also 31, is a U.S. citizen and resident of Israel, but currently a fugitive. The Atlanta indictments referenced a third, as-yet-unnamed accomplice.

Separately, the U.S. Attorney’s Office for the Southern District of New York unsealed its own charges against Shalon and Aaron, as well as a third Israeli citizen, 40-year-old Ziv Orenstein. In addition, prosecutors there announced indictments against Anthony R. Murgio, alleging he fraudulently operated the Florida-based Bitcoin exchange along with Shalon and through it further helped the conspiracy launder its illicit proceeds. Murgio was arrested in July 2015 and is facing prosecution in New York.

According to the Justice Department, between approximately 2007 and July 2015, Shalon owned and operated unlawful internet gambling businesses in the United States and abroad, and he owned and operated multinational payment processors for illegal pharmaceutical suppliers and for counterfeit and malicious software (“malware”) distributors. The government further alleges that Shalon owned and controlled an illegal United States-based Bitcoin exchange that operated in violation of federal anti-money laundering laws.

“Through their criminal schemes, between in or about 2007 and in or about July 2015, Shalon and his co-conspirators earned hundreds of millions of dollars in illicit proceeds, of which Shalon concealed at least $100 million in Swiss and other bank accounts,” reads a statement issued by Preet Bharara, the United States Attorney for the Southern District of New York.