The evidence is starting to pile up that the JPMorgan hack that was first discovered last July was actually just a part of a pump and dump scam carried out by two Florida State fraternity brothers. The hackers who carried out the JPMorgan attack were very likely a sophisticated Russian hacking group hired by the scammers to acquire more targets to spam with promotional email messages about the penny stocks they were going to dump as soon as the price began to run up.
More on pump and dump scam connection to JPMorgan hack
According to indictments made public on July 21, Anthony Murgio allegedly ran a Bitcoin exchange that laundered hot money for hackers. His partner Josh Aaron allegedly set up a pump-and-dump scam that used high-quality spam e-mails to lure investors into buying penny stocks to pump up the price, a scam that produced $2.8 million in profits, according to the court filings.
The latest Robinhood Investors Conference is in the books, and some hedge funds made an appearance at the conference. In a panel on hedge funds moderated by Maverick Capital's Lee Ainslie, Ricky Sandler of Eminence Capital, Gaurav Kapadia of XN and Glen Kacher of Light Street discussed their own hedge funds and various aspects of Read More
The July indictments do not specifically mention hacking, but an FBI memo seen by Bloomberg links the two men to last year’s attack on networks at JPMorgan Chase, claiming they hired and facilitated the hackers
What happened to turn two well-liked and promising business student stock scammers is not clear, but it appears that Murgio had accumulated over $500,000 in debt as a nightclub operator, and Aaron moved to Israel to go into business with a known stock scammer.
Of note, neither one of the fraternity brothers is alleged to have hacked JPMorgan. The October FBI memo did, however, provide evidence linking the men to the cyber hack, such as records of Aaron logging in to servers used in the breach of JPMorgan’s central data center. The bank eventually admitted the thieves had stolen the private data of 83 million JPM customers over three months.
Investigators also noted that only low-value data were stolen in the attack, such as names, addresses and e-mail addresses, which is precisely the data you need for a pump-and-dump scam. Apparently, a group of sophisticated Russian hackers who teamed up with Murgio and Aaron actually carried out JPMorgan hack, and law enforcement officials are trying to use Murgio and Aaron to build a case against the Russians.