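The hacker who broke into JPMorgan Chase has been arrested. What information does he hold?

FortuneChina.com (财富中文网), September 13, 2018

Tyurin's deep web of contacts in the criminal underground could make him useful in a wide range of investigations.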

Chinese translation: Charlie

Translation reviewed by: 夏林

The mystery figure behind what prosecutors call the biggest financial hack of all time is now in U.S. custody.

Andrei Tyurin, a Russian citizen who is alleged to have performed key cyber-work in a hack of JPMorgan Chase & Co. and about a dozen other companies, was extradited to New York last Friday from the republic of Georgia. It was the unlikely culmination of a years-long hunt by U.S. authorities, who had closely tracked a hacker they said led cyber breaches of financial firms that fed an array of activities including securities fraud, money laundering, credit-card fraud and fake pharmaceuticals.

Federal authorities in New York laid out most of those details three years ago when describing a breach of a swath of the financial system that created more than 80 million victims. Other targeted companies include Fidelity Investments, Dow Jones & Co., E*Trade Financial Corp. and Scottrade Financial Services Inc.

What the earlier court filings didn’t disclose was the identity of the central hacker, revealed finally in an unsealed indictment last Friday as Tyurin. Moments after the jet carrying Tyurin, 35, touched down at New York’s Stewart International Airport at 1:44 p.m., prosecutors called his extradition a “significant milestone” in the fight against hacking.

Tyurin appeared in Manhattan federal court last Friday afternoon in a white T-shirt, black pants and sneakers, pleading not guilty to charges of conspiracy, computer hacking, identity theft and wire fraud. His lawyer, Florian Miedel, declined to comment.

With others in the JPMorgan hacking case cooperating with authorities, Tyurin may need to decide whether to cut a deal or face prosecution, an unexpected turn for a suspect that few believed would be handed over to the U.S. His deep web of contacts in the criminal underground could make him useful in a wide range of investigations, including the hacking of the 2016 presidential election.

Two-Track Hacks

In previous prosecutions, U.S. authorities have alleged that Russian hackers have worked on dual tracks — profiting from criminal hacking, while also providing valuable information to their Russian minders.

In the JPMorgan matter, American spy agencies suspected there had been attempts by Russian intelligence to recruit Tyurin and had provided evidence of those efforts to the Federal Bureau of Investigation, according to a person with knowledge of the probe. The hacker also appeared to do an extensive reconnaissance of bank systems and undertook other activity not strictly related to Shalon’s stock scheme.

That activity and other clues led some security officials at JPMorgan to fear that the hacker might also be providing information on the firm’s vulnerabilities to Russian intelligence agencies. The FBI concluded this was a strictly criminal endeavor, the person said.

Tyurin was wanted for extradition by the U.S. as well as Russia, according to Nino Kvatadze, a spokeswoman for the Georgian prosecutor’s office. The matter went before a Georgian court, she said.

Tyurin was detained in December by Georgian authorities while entering Tbilisi International Airport, police said. He was unaware he was a wanted man. Tyurin’s Tbilisi lawyer, Pavle Abaidze, also declined to comment, saying he did so at his client’s instruction.

He is one of several Russian hackers sought by the U.S. over Russia’s objection. Last week, Greece’s supreme court heard arguments over whether to extradite Alexander Vinnik, a Russian accused of cybercrimes in the U.S., France and Russia. Vinnik allegedly oversaw a bitcoin exchange used by Russian government hackers accused of stealing Democrats’ emails.

Scheme’s Mastermind

In the financial firms’ hack, Tyurin allegedly worked in concert with Gery Shalon, an Israeli whom the U.S. accuses of masterminding the scheme. From 2012 to 2015, according to prosecutors, Tyurin purloined personal information about more than 100 million of the firms’ clients by infiltrating corporate computer networks, locating customer databases and exporting profile information to computers overseas.

The information from the hacks was used in stock manipulation, Internet gambling, credit-card fraud and bitcoin money laundering, prosecutors say, allegedly generating hundreds of millions of dollars in illicit proceeds.

Shalon was arrested in Israel in 2015 and shipped to the U.S. the next year. Several other figures in the case have either pleaded guilty or were convicted after trial. But more than two years later, U.S. authorities haven’t brought Shalon to trial in the matter, signaling that he may be cooperating with U.S. authorities.
