Post by: Lisa Vaas | Sophos Naked Security | Published on: 11/14/2016

 

A Florida man is the ninth person to face charges related to the hefty data breach that JPMorgan disclosed in 2014.

Agents arrested Ricardo Hill, 38, last month. A criminal complaint filed in federal court in Manhattan charged him with conspiring to operate an unlicensed bitcoin exchange called Coin.mx.

Prosecutors have said that the exchange was masterminded by Gery Shalon, an Israeli accused of orchestrating a massive attack on JPMorgan and other companies, and that it was operated by another Florida man, Anthony Murgio.

FBI Special Agent Joel Decapua wrote in the complaint filed against Hill in October that Hill was aware the exchange was being used to launder the loot from ransomware schemes.

Hill began working for Coin.mx as a marketing manager and business development coordinator in January 2014.

According to the complaint, Hill discussed with the other operators how dealing with ransomware crooks could get them brought up on charges of money laundering.

Coin.mx allegedly kept processing payments on behalf of the victims of ransomware schemes, pocketing a 7.5% fee with the transactions, which were likely to be reported as fraudulent.

One of the ransomware schemes that lined the pockets of the bitcoin exchange operators was the infamous CryptoLocker: one of the best-known ransomware variants ever released, and one that’s spawned clones such as CryptoWall.

Another of its offspring was one that borrowed the CryptoLocker name and then got packaged up with a phishing email about fake speeding fines.

According to Hill’s estimates, ransomware victims made up about 40% percent of Coin.mx’s customers, based on the volume of calls he received from them, the complaint said.

In November 2015, the Justice Department charged Shalon, Orenstein, and an American named Joshua Samuel Aaron with computer hacking crimes against JPMorgan, as well as other financial institutions, brokerage firms and financial news reporters, including the Wall Street Journal.

Aaron was a fugitive until last month, when he turned up at a facility for illegal immigrants outside Moscow. He had failed to show police a valid passport during a midnight check at his apartment, according to court documents seen by Bloomberg.

The JPMorgan breach was initially thought to involve the theft of as many as 83 million customer records.

Altogether, the trio has been accused of ripping off the data of more than 100 million customers from JPMorgan and other companies, and then using it in schemes such as stock manipulation that generated hundreds of millions of dollars in illicit gains.

Hill was released on $75,000 bond on Thursday. Pending his trial, the court also barred him from going on to money exchanges via the internet.

 

 


Reference Article: https://nakedsecurity.sophos.com/2016/11/14/florida-man-charged-in-jpmorgan-hacking-probe/

Call Us
Directions