Feds Add Ransomware to Pump/Dump Scheme Charges

Prosecutors Allege Bank Hacks, Money Laundering via Bitcoins
Feds Add Ransomware to Pump/Dump Scheme Charges

Prosecutors have expanded a complex case, involving an alleged pump-and-dump stock scheme, hacking into U.S. banks and operating an unlicensed bitcoin exchange, to include money-laundering charges related to processing bitcoin ransoms paid by ransomware victims.

See Also: After Wannacry: Getting Ahead of Ransomware

The alleged pump-and-dump stock scheme involved hacking into 12 U.S. banks to steal contact details for high-net-worth individuals, as well as using the bitcoin exchange Coin.mx to allegedly launder illegal profits, in part, via offshore shell companies.

On April 21, Preet Bharara, the U.S. Attorney for Manhattan, revised an indictment against Coin.mx operator Anthony Murgio and co-defendant Yuri Lebedev to include Anthony's father Michael as a defendant, also adding a charge of conspiracy to commit money laundering, according to court documents.

The revised indictment accuses all three of a conspiracy involving exchanging bitcoins obtained from ransomware victims for cash as well as failing to report related, suspicious transactions to authorities, in violation of U.S. anti-money laundering rules. All three are Florida residents (see Report: Spammers Tied To JPMorgan Chase Hack).

The charges against Anthony Murgio and Lebedev - first announced in July 2015 by the Manhattan U.S. Attorney's office - relate, in part, to their allegedly operating Coin.mx, which prosecutors say was an unlicensed money-transmitting business used to illegally move money out of the United States to overseas bank accounts (see Tougher to Use Bitcoin for Crime?).

The Latest Arrest

On April 21, the FBI arrested Michael J. Murgio, who appeared the same day in U.S. District Court in Florida, according to court documents. NBC News affiliate WPTV reports that Michael Murgio is a member of the Palm Beach County School Board. He's due to be arraigned in New York on April 26.

The elder Murgio's arrest followed a previous revision of the indictment, in March, which added Trevon Gross as a defendant. Gross formerly headed the New Jersey-based federal credit union Helping Other People Excel - "Hope FCU" - which primarily served individuals with low incomes, according to court documents. Prosecutors have accused Gross of accepting $150,000 in bribes from Anthony Murgio and his associates in exchange for allowing them "to take control of Hope FCU" by installing multiple co-conspirators on the board of directors and allowing them to operate the organization "as a captive bank for their unlawful bitcoin exchange until at least late 2014," according to court documents.

Authorities say related, questionable payment processing activities were discovered by the National Credit Union Administration, which forced the credit union to stop all such processing.

The NCUA says it placed Hope FCU into conservatorship in October 2015. "The agency made the decision to liquidate the credit union and discontinue operations after determining it was insolvent and had no prospect for restoring viable operations," NCUA says in a statement. An NCUA spokesman wasn't immediately able to comment on whether the alleged bitcoin money laundering or charges against Gross were directly related to Hope FCU's closure.

Gross, who's a minister, has pleaded not guilty to related charges, Bloomberg reports.

Bigger Case Included Alleged Bank Hacks

The Coin.mx and Hope FCU allegations are part of a much bigger case involving an alleged pump-and-dump stock scheme as well as a U.S. bank hacking spree (see Charges Announced in JPMorgan Chase Hack).

The Manhattan U.S. Attorney's office unsealed a related, 11-count indictment in July 2015 against three men that they accused of having earned $2.8 million via an illegal pump-and-dump stock scheme that involved blasting out millions of spam emails per day to artificially "pump" up the price of penny stocks they owned, before then "dumping" the stocks and making a profit. The scheme was reportedly tied to hack attacks against such financial services heavyweights as JPMorgan Chase, Fidelity Investments and E*Trade Financial that occurred from 2012 to mid-2015.

Authorities in November 2015 indicted three men - Israeli nationals Gery Shalon and Ziv Orenstein, as well as U.S. citizen Joshua Samuel Aaron - as part of an alleged scheme involving hacking into 12 U.S. banks, manipulating securities markets, and using offshore shell companies to hide funds. Prosecutors have accused Shalon of masterminding the operation, and both he and Orenstein have been arrested, while Aaron remains at large.

From April 2013 until July 2015, Shalon helped direct - if not control - Murgio's Coin.mx bitcoin exchange, federal prosecutors claim.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.