FSU Fraternity Brothers’ Scam Led To JPMorgan Hack


The evidence is starting to pile up that the JPMorgan hack that was first discovered last July was actually just a part of a pump and dump scam carried out by two Florida State fraternity brothers. The hackers who carried out the JPMorgan attack were very likely a sophisticated Russian hacking group hired by the scammers to acquire more targets to spam with promotional email messages about the penny stocks they were going to dump as soon as the price began to run up.

More on pump and dump scam connection to JPMorgan hack

According to indictments made public on July 21, Anthony Murgio allegedly ran a Bitcoin exchange that laundered hot money for hackers. His partner Josh Aaron allegedly set up a pump-and-dump scam that used high-quality spam e-mails to lure investors into buying penny stocks to pump up the price, a scam that produced $2.8 million in profits, according to the court filings.

Q2 Hedge Funds Resource Page Now LIVE!!! Lives, Conferences, Slides And More [UPDATED 7/3 17:55 EST]

Q2 Hedge Funds Resource PageSimply click the menu below to perform sorting functions. This page was just created on 7/1/2020 we will be updating it on a very frequent basis over the next three months (usually at LEAST daily), please come back or bookmark the page. As always we REALLY really appreciate legal letters and tips on hedge funds Read More

The July indictments do not specifically mention hacking, but an FBI memo seen by Bloomberg links the two men to last year’s attack on networks at JPMorgan Chase, claiming they hired and facilitated the hackers

What happened to turn two well-liked and promising business student stock scammers is not clear, but it appears that Murgio had accumulated over $500,000 in debt as a nightclub operator, and Aaron moved to Israel to go into business with a known stock scammer.

Of note, neither one of the fraternity brothers is alleged to have hacked JPMorgan. The October FBI memo did, however, provide evidence linking the men to the cyber hack, such as records of Aaron logging in to servers used in the breach of JPMorgan’s central data center. The bank eventually admitted the thieves had stolen the private data of 83 million JPM customers over three months.

Investigators also noted that only low-value data were stolen in the attack, such as names, addresses and e-mail addresses, which is precisely the data you need for a pump-and-dump scam. Apparently, a group of sophisticated Russian hackers who teamed up with Murgio and Aaron actually carried out JPMorgan hack, and law enforcement officials are trying to use Murgio and Aaron to build a case against the Russians.