Today's financial services industry lesson: don't run an online currency exchange for just anybody.
The Feds just charged a ninth alleged member of a group accused of hacking
Fidelity [
profile],
J.P. Morgan [
profile], and several other financial services giants. Federal prosecutors charged
Ricardo Hill of Brandon, Florida with running Coin.mx, an unlicensed bitcoin exchange, Nate Raymond of
Reuters reports, and then on Thursday, after Hill appeared in federal court in New York City, a magistrate granted his release on a $75,000 bond.
[See
MFWire's
living timeline for more updates and history on the great financial services hack.]
| George Gatch J.P. Morgan Asset Management CEO, Global Funds Management | |
Prosecutors accuse Hill of being the "finance support manager and business development consultant for Coin.mx," the wire service reports, and they claim that
Gery Shalon (one of the three alleged masterminds of the hacking conspiracy) owned Coin.mx and that the exchange conducted transactions for victims of ransomware and other hacking tactics.
The public side of the case dates back to November 2015, when U.S. Attorney Preet Bharara
unveiled a previously sealed, 68-page indictment against Shalon,
Joshua Samuel Aaron (an American, like Hill), and
Ziv Orenstein. The indictment accused the trio of masterminding a "cybercriminal enterprise operated through hundreds of employees, co-conspirators and infrastructure in over a dozen countries." In May 2016 word leaked that Israeli officials had
approved the extradition of Orenstein and Shalon (both Israelis), and
Reuters says the duo pleaded not guilty. And then last month
Bloomberg revealed that the third alleged mastermind, Aaron, is being detained in Russia for a visa violation and is negotiating with U.S. officials to come back to the states.
Reuters notes that Aaron is still in Russia now. Meanwhile, word is that Aaron might have met in person with a still-unrevealed fourth suspect based in Russia.
Hill and
Anthony Murgio, whom prosecutors claim operated Coin.mx, have not been charged with any part of the hacking offenses,
Reuters notes.
J.P. Morgan, online brokerages
TD Ameritrade and
Scottrade, and News Corp's
Dow Jones unit have all confirmed that they were victims of the alleged hacking conspiracy. And from the beginning numerous reports have pegged Fidelity as the unnamed "Victim-2", a mutual fund shop that, per prosecutors, was attacked by the alleged hackers but then fixed the vulnerability (known as "Heartbleed"). 
Edited by:
Neil Anderson, Managing Editor
Stay ahead of the news ... Sign up for our email alerts now
CLICK HERE