Two men were arrested this week in Israel for their part in an alleged multi-million dollar pump-and-dump scheme which reports claim could be connected both to a bitcoin money laundering ring and a major cyber-attack on JPMorgan last year.
The FBI said in a statement that three men had been indicted for the stock manipulation – Gery Shalon, Ziv Orenstein and Joshua Aaron – with the latter still at large.
The scheme, ongoing since 2011, was a classic pump-and-dump in which the three allegedly sought to artificially inflate the price of penny stocks by spamming out promotional emails and then sell their shares – apparently earning nearly $3m in the process.
“As alleged, the defendants manipulated trading in US securities from overseas, using fake identities to funnel millions of dollars in unlawful proceeds through a web of international shell companies,” said Manhattan US Attorney, Preet Bharara, in a statement.
“Using false and misleading spam emails sent to millions of people, these defendants allegedly directed their pump-and-dump scheme from their computers halfway around the world.”
However, the case gets more murky still, with Bloomberg alleging a previously unreported FBI memo from October last year links Aaron and former Florida State University classmate, Anthony Murgio, to the JPMorgan hack and attempted incursions at Fidelity Investments and E*Trade Financial.
Although the authorities haven’t linked the two publicly, the newswire claimed that a person familiar with the matter said data stolen from JPMorgan may have been obtained with a view to promoting stocks through another pump-and-dump spam run.
Murgio himself was charged on Tuesday in Manhattan’s federal court for his part in an alleged money laundering operation which it is claimed ‘washed’ $1.8m in bitcoins for thousands of customers including ransomware hackers.
Murgio is accused of operating the ‘bitcoin exchange’ with Yuri Lebedev under a front company – the Collectables Club Private Member Association.
Murgio and Aaron are said to have traveled frequently to Russia, with a person involved in the investigation claiming the two had links to the cyber-criminal underground there.
US officials had initially pegged Russian actors for the JPMorgan attack and it’s thought they may have helped the two.
The case once again highlights the sheer complexity and trans-national nature of cybercrime cases and the time and effort required to bring the guilty parties to justice.
“The dark web is impressively expansive and organizations of this size, conducting schemes of this magnitude, are hidden throughout it in unprecedented numbers,” said Trend Micro chief cybersecurity officer, Tom Kellermann.
“With the amount of exploit kits on the market today, the financial sector must brace itself for an increased level of more intensified attacks.”