76: Knaves Out

October 13, 2020

TLDR: Hacker(s) broke into JP Morgan Chase for reasons not immediately apparent; LastPass and SentinelOne provide security solutions.

  • The Dark Side of the Internet: How Cyber-Criminals Operate Under the Radar

    With the rise of the internet comes the rise of cyber-criminals, who can operate anonymously and without repercussions. Businesses must take cybersecurity seriously and investigate any report of a breach, as the risk of not doing so could be catastrophic.

    The internet has made it easier for businesses and entrepreneurs to find good help and customers, but it has also benefited the criminal underworld, making it easier for cyber-criminals to execute their illicit agendas. It is almost impossible to catch a cyber-criminal, as hacking is done under the cover of the internet, making it the perfect crime with no traces of the perpetrator. Companies, especially financial institutions like JPMorgan Chase, invest heavily in cybersecurity and IT security, and any report claiming a security breach should be taken seriously, including the report by Hold Security on the massive credential dump on the dark web. It may be hard to trust such claims, but the risk of not investigating could be much worse.

  • JPMorgan Chase Hack: Lessons Learned

    Implement strong security measures, such as two-factor authentication, to protect sensitive data and access to networks. Avoid reusing passwords and regularly update systems with the latest security features to prevent breaches.

    JPMorgan Chase was hacked when its website for employees to register for a charity race called the Corporate Challenge was breached. The site's hosting company, Simmco Data Systems, was also breached, which gave the hackers access to JPMorgan's servers. The hackers used stolen credentials to log into an old employee benefits server on the network, which had not been updated with the latest security features or two-factor authentication. Many employees also used the same passwords for multiple sites, making the network vulnerable to attack. Two-factor authentication could have prevented further access into the network. The hackers created a back door into the JPMorgan Chase network, emphasizing the importance of strong security measures in protecting sensitive data.

  • Russian Hacking Attack on JPMorgan Chase in 2014

    Companies must reinforce cybersecurity measures and be aware of potential geopolitical tensions spilling over into the financial world. The loss of key personnel can make companies vulnerable to cyberattacks, even with tough security measures in place.

    Russian hackers breached JPMorgan Chase's networks in 2014 and stole 83 million personally identifiable records of US customers, associated with 60% of all US households. The attack was believed to be retaliation for Western sanctions against Russia for annexing Crimea from Ukraine. JPMorgan Chase had lost a lot of staff in the preceding months, including the chief information officer and the chief of security, making it more vulnerable to cyberattacks. Even though banks have tough security measures, hackers can still gain access through vulnerable points. The attack highlighted the need for companies to reinforce their cybersecurity measures and the risk of geopolitical tensions spilling over into the financial world.

  • Private Sector and Military Mindsets Conflict in Cybersecurity Investigations

    Biases can impact cybersecurity investigations, causing conflicts between the private and military sectors. The for-profit nature of cybercrime makes it a greater concern for the private sector, which can also face complications from storage and politics.

    The different mindsets of the military and private sectors can cause clashes and problems in cybersecurity investigations. The biases of cybersecurity experts can affect their interpretation of cyber threats. JPMorgan Chase clashed with the FBI and Secret Service over information-sharing, partly due to its belief that the hack was state-sponsored. The FBI believed the hack was more likely done by skilled criminals. JPMorgan Chase's lack of storage and politics further complicated the investigation. The hackers' IP addresses were located around the globe. JPMorgan Chase eventually handed over all data collected during the hack to the FBI. The private sector faces more for-profit criminal activity in cybersecurity than the military does.

  • Large Financial Institutions Under Threat of Cyber Attacks

    Financial institutions need to implement stronger security measures to protect their customers' information from cyber attackers, who often rent servers on opposite sides of the planet, as seen in the 2014 breach of several major banks. Hackers can be caught, as proven by the arrest of two Israeli men linked to the JPMorgan Chase hack.

    Large financial institutions are at risk of being hacked and having their customers' information stolen, leading to a need for increased security measures. Attackers often hide their tracks by renting servers on opposite sides of the planet. In 2014, multiple financial institutions, including JPMorgan Chase, Fidelity Investments, ADP, HSBC, Citigroup, and Bank of the West, were targeted by the same hackers, leading to investigations by several different regulatory bodies. The hackers were able to enter some systems and access customer information. Although many hackers are never caught, in 2015 two Israeli men were arrested for securities fraud and were linked to the JPMorgan Chase hack.

  • Bitcoin Exchange Linked to Major US Bank Hacks

    The arrests of Murgio and Lebedev shed light on how hackers attempted to break into major US banks and steal valuable customer database records. This attack shows the importance of strong cybersecurity measures.

    The arrests of Anthony Murgio and Yuri Lebedev for running an illegal Bitcoin exchange called Coin.mx were linked to major US bank hacks. The hackers attempted to break into twelve banks, including JPMorgan Chase, and stole 83 million customer database records by stealing the email addresses of bank customers. An FBI memo linked Joshua, the man on the run from Israel, and Anthony, the man arrested in Florida, to the JPMorgan Chase hack. The hackers did not take any money from the banks, only the customer database. The feds had started investigating this group shortly after the JPMorgan Chase hack was discovered, and Joshua was the prime suspect who led investigators to the door of the others.

  • The Dark Side of Stock Markets: The Pump-and-Dump Scam

    Pump-and-dump is an illegal market manipulation scam where fraudsters use false information to temporarily inflate stock prices and then sell at the higher price. Be wary of investment opportunities that seem too good to be true.

    Gery, Joshua, and Ziv were involved in a stock market scam called pump-and-dump, where they manipulated stock prices with false information and made a huge profit by selling the stocks at a higher price. They bought stock in a company at a low price and launched a marketing campaign using fake data to temporarily increase the stock price. Later, they sold the stock, making a profit. This was illegal market manipulation, as they created false hype and backdated the articles to make it seem like their predictions had come true. They were indicted in a lawsuit brought by the Securities and Exchange Commission for six such scams over four years, and they made about $3.5 million running these scams.

  • How Gery and His Team Ran a Successful Pump-and-Dump Scam Using Fake Campaigns and Hacking

    Pump-and-dump scams involve creating a fake market for a stock and then selling it off for a profit. It is important to be wary of unsolicited investment advice and to research before investing.

    Gery and his team used a systematic approach to run pump-and-dump scams: they created shell corporations and took private companies public using reverse mergers. They then marketed these companies with a fake campaign and sold their shares at the right time. They also sent spam e-mails to millions of people, and later they hacked JPMorgan Chase to get real e-mail addresses of stock market investors to make their spam more effective. This scam was all upside for Gery, who made money from selling his shell corporation and from assigning himself or his friends a large number of shares before the scam even started.

  • Illegal Activities and the Downfall of Online Casino Empires

    Greed and unethical behavior in running an online casino empire can lead to a sudden collapse. Involvement in a massive hack can also result in arrests and legal consequences.

    Gery, Ziv, and Joshua were involved in multiple illegal activities, from manipulating the stock market to running dodgy online casinos. These casinos were notorious for not paying out winners and for delaying cash-out requests by up to 90 days. Despite making an enormous amount of money, these scammers chose to treat their players poorly, indicating their greed. The online casino empires Netad Management and Milore Ltd, run by Gery and Ziv, collapsed overnight after their arrests. Although they were not hackers themselves, they had access to millions of JPMorgan Chase customer email addresses stolen in a massive hack. Even a year after the breach, more financial institutions were receiving FBI visits, indicating the involvement of other hackers.

  • Massive Cybercrime Scheme Including the Largest US Financial Data Breach

    Hackers use shell companies and fraudulent documents to steal and launder money. Fake goods and services, along with online payment processing companies, let them avoid scrutiny and appear legitimate.

    A group of hackers conducted cyber-intrusions over several years and stole personal information from over 100 million customers, including in the largest data breach of a US financial institution. The hackers ran their schemes through shell companies and fraudulent identification documents, making millions of dollars from online casinos, stock fraud, and hacking. To launder the money, they used shell corporations for their stock scam and transferred millions of dollars from their casino businesses through these companies. With the money in the shell company accounts, they paid themselves for made-up goods and services, leaving an audit trail that made everything look legitimate. They also created online payment processing companies, IDPay and Todur, to handle their shady transactions, all before getting caught.

  • The Shady World of Money Laundering in Online Casinos

    Money laundering through online casinos is a complicated and illegal process involving fake identities, multiple bank accounts, and coded transactions. Eventually, however, authorities catch up with the criminals involved in such operations.

    Gery used the shady payment processors IDPay and Todur to launder illegal money through his online casinos. He opened multiple bank accounts in different countries with fake IDs and coded transactions to look like simple online purchases. Gery's illegal activities ranged from fake pharmaceuticals to bogus antivirus software and illegal pharmacy affiliate programs. He even hacked G2 Web Services, a watchdog company, to ensure it would not flag his payment processors as fraudulent. Despite fines and penalties from credit card companies, Gery continued to find new accounts and fake merchants to keep his illegal operations going. However, the feds eventually caught on to Gery after an undercover agent noticed a suspicious transaction on his credit card statement.

  • Gery's Empire Collapses after Hacking US Financial Companies

    Hackers can gain access through regular logins and remain undetected for years, which highlights the importance of constant monitoring and security updates to prevent data breaches.

    Gery's empire was brought down by its involvement in the hack on JPMorgan Chase. The group was behind seven hacks of US financial companies, including E-Trade and Scottrade. The hacker got a regular login to E-Trade and poked around as a normal user, looking for vulnerabilities on the site. The plan to steal customer data from the databases was worked out almost a year later. The databases of Scottrade and E-Trade were breached, and six million records were stolen from Scottrade. The hacker was careful not to raise any alarms and waited for the admin to log out before downloading the data in secrecy, without drawing unwanted attention.

  • Cybercrime and Its Insidious Effects on Online Gambling

    Cybercrime is not just about stealing data and disrupting networks; it can also be used to manipulate search rankings, drive out competition, and cheat players. The reliance on technology in online gambling makes it especially vulnerable to such malicious activities.

    Gery's hacker gained access to E-Trade's and Scottrade's internal networks, stole fifteen million customer records, and merged them into a vast database, which Gery used to draw more players to his online casinos. He also asked the hacker to improve his casinos' search ranking on Google by hacking into dormant gambling-related WordPress blogs to create large numbers of links to his casinos' websites, which made them rise in the rankings and become more popular. Gery also paid the hacker to conduct DDoS attacks on his competitors' websites, which could drive players to his casino if they could not access their favorite gambling site. Overall, Gery used cybercrime to enrich himself and cheat players out of their winnings.

  • The Dangers of Underhanded Tactics in Casino Competition

    Unethical practices in business can lead to severe consequences, and authorities must aggressively investigate suspicious activity to protect the integrity of the industry. Informants and whistleblowers can play a crucial role in exposing criminal activities.

    Gery, a casino owner, used underhanded tactics to stay ahead of his competitors, including hacking into competitor casinos and executives' emails. He was eventually caught and charged with various crimes. He then became an informant and agreed to forfeit $403 million. Gery had stashed away over two billion dollars in various bank accounts around the world, as well as cash, jewelry, and properties. This shows the lengths to which individuals will go to obtain an unfair advantage and the need for authorities to investigate and prosecute them, while also highlighting the importance of whistleblowers and informants in uncovering criminal activities.

  • The Hunt for Gery's Mystery Hacker

    The search for a high-level Russian hacker who targeted a US businessman led to the extradition of and charges against Andrei Tyurin, despite his protestations of innocence and possible FSB backing.

    It took six law firms to negotiate Gery's release, in which he gave up a hacker named Peter Levashov. However, Levashov was not Gery's mystery hacker. The feds believed that the actual hacker was thirty-five-year-old Andrei Tyurin, a well-known, high-level Russian hacker. US intelligence found evidence that Andrei was getting some protection from the FSB, Russia's intelligence agency. After almost a year, the feds finally extradited Andrei from Georgia to New York and charged him with ten counts related to Gery's enterprises. Despite the evidence presented to him, Andrei pleaded not guilty. The case has passed through the hands of three different US Attorneys for the Southern District of New York.

  • The Complex and Large-Scale Network of Gery Shalon and Associates

    The greed and desperation of the hackers led to a destructive empire, with one pleading guilty and being sentenced to 12 years in prison. The hack into JPMorgan Chase was just one aspect of their illegal schemes.

    Gery Shalon and his associates engaged in a complex and large-scale network of illegal schemes, hacking, fraud, and money laundering, earning over $19 million from their activity. Andrei, who was involved in the hacks, pleaded guilty to conspiracy to commit computer hacking, wire fraud, unlawful internet gambling conspiracies, and conspiracy to commit wire fraud and bank fraud, and was sentenced to 12 years in prison. Gery is believed to be out of prison and living somewhere in the US, while Ziv is awaiting sentencing. The hack into JPMorgan Chase was not a one-off attack but the work of someone with an insatiable appetite for more money. The story highlights the desperation and endless desire of the perpetrators that led to the destruction of their empire.
