Vous êtes sur la page 1sur 11

Assignment 01-1: Joshua Aaron

By: Juan Wilbur


On this assignment, I was asked to look at some cyber terrorist that have been identified,

view the charges of the case, talk about my code of ethics within the cyber realm and to create

my own commandments and ethics. When I read over this assignment, I thought finding a case

would be easy but identifying the hackers would be difficult. After some time, I looked at the

FBI's most wanted cyber hackers list. There are around 25 people who were on the list but just

one that caught my attention. Joshua Samuel Aaron, a hacker that went against my views and

ethics by attacking JPMorgan Chase and wiring money. The FBI wanted PDF had a list of laws

he broke, his connections, countries he likes to escape to and much more information. They had

more information on him than the rest of the hackers, I believe it's because he lived in the U.S.

most of his life.

In Summer 2014, JPMorgan Chase experienced a breach in their information. Accounts

of around 76 million households and 7 million small business were compromised. This incident

is known as the largest intrusion of an American Bank. JPMorgan Chase, like many other banks,

spend around 250 million dollars alone on cyber security, but the hackers were able to get in by

stealing login credentials from an employee. Their stocks fell 0.4% to $58.58 and barely gained

1% the next year. While investigating the attack, Chase found that there was no evidence that the

customer's financial information was stolen. Later, the executives said that only one million of

the accounts were truly affected, they try hard to contain any fallout and reassure the customers

that no money was taken from the attack. With only account addresses, phone numbers and

emails being exposed, Chase began to wonder why they didn't expose passwords or social

security numbers. It was interesting that the hackers, with the login credentials, were able to

create a list of the applications of the programs that ran on JPMorgan's computers so that they
could crosscheck with known vulnerabilities. The attack shook many businesses, it should how

vulnerable Wall Street institutions are to cybercrime.

The next year, the Justice Department announced that there were three men who made

the attack and stole 83 million customers' personal information during the attack. "Law

enforcement officials initially said the attacks came from hackers in Russia with loose ties to the

Russian government, but further announcement paints a different picture. The U.S. government

now alleges that the hack was orchestrated by men involved in a pump-and-dump stock

manipulation scheme." Out of the three men, the government made a wanted poster of just one

member of the group, Joshua Samuel Aaron.

Joshua is a U.S. citizen and a resident of Israel. He studied at Florida State

University and was a part of the fraternity, Phi Sigma Kappa. He and his frat brothers were large

in the hive of digital moneymaking. They paid there way through college making Google ads,

persuading people to click links for almost everything from electronics to dating websites. They

would make thousands of dollars each month with just coding. Little did they know, his schemes

would lead him into serious trouble.

In freshman year, Josh met Anthony Murgio, they both became best friends and began to

hangout a lot. Murgio used to be a door-to-door kitchen knife salesmen until Josh introduced him

into "affiliate marketing." It was a popular job on campus and helped a plethora of students

through school. Murgio made vacation-rental websites and said he made $800,000 in his time of

college. He opened a restaurant and a nightclub which was three blocks from campus after

graduating. Later on, he filed for bankruptcy protection, citing $545,000 in debt and was arrested

in allegedly stealing $111,000 in unreported sales taxes. Once he paid his taxes, he was released.
Aaron dropped out and moved to Miami, where he started multiple companies that made

air purifiers, home-security business, and an internet marketing firm. Both Aaron and Murgio

remained friends through their time of business and Murgio wrote about the products that he and

Aaron had made. Aaron didn't leave any public messages online and was deep in a stock fraud

scheme with an Israeli friend. Later on, he got married and moved to Israel. His bachelor party in

Amsterdam got him reunited some frat brothers, as well as Murgio. His wedding was Spetember

10, two weeks after the FBI publicly announced it was investigating the breach at JPMorgan.

Murgio was highly active on the internet, posting about libertarian causes, using a photo

of him and Ron Paul on his Facebook, registered the Coin.mx domain and started a Bitcoin

exchange. "Prosecutors allege the Bitcoin exchange laundered illicit funds, including extortion

payments made to hackers. In a 16 month period it exchanged a total of at least $1.8 million,

according to court documents. "Anyone who really knows him believes this is all a

misunderstanding," Wilson (Murgio's ex-girlfriend) says." Later on, Aaron and Murgio was seen

together in Russia through Facebook pictures.

In July 21, 2015, Murgio was "accused of running a Bitcoin exchange that laundered

money for hackers. Aaron was accused of a pump-and-dump scam that used expertly crafted

spam e-mails to lure investors into worthless penny stock purchases, generating $2.8 million in

illicit profits...an FBI memo reviewed by Bloomberg also links the two men to last summer's

cyber attack on JPMorgan Chase.."

Murgio was later arrested in Tampa and was free on bond. At the time, Aaron's

whereabouts were unknown. On May 23, 2016, the Russian authorities arrested Josh Aaron, he

was going under a false identification Mike Shields. Israel also arrested two other men, Gery

Shalon and Ziv Orenstein, who had ties to the cyber attack. The three were charged with 23
counts of alleged crimes that targeted 12 companies, including 9 financial service companies.

Orenstein and Shalon pleaded not guilty.

On the FBI wanted poster of Josh Aaron, it states that broke the following laws:

Conspiracy to Commit Computer Hacking

Computer Hacking

Conspiracy to Commit Securities Fraud

Conspiracy to Commit Wire Fraud

Securities Fraud

Identification Document Fraud Conspiracy

Aggravated Identity Theft

Money Laundering Conspiracy

They also did release the following laws broken by Josh Aaron, Ziv Orenstein and Gery Shalon:

Conspiracy to Commit Computer Hacking

Computer Hacking x 2

Conspiracy to commit securities fraud

Conspiracy to commit wire fraud: Securities Market Manipulation Scheme

Securities Fraud x 7

Wire Fraud

Conspiracy to commit identification document fraud

Aggravated identity theft


Unlawful internet gambling enforcement act conspiracy

Unlawful internet gambling enforcement act

Operation of illegal gambling business

Conspiracy to commit wire fraud: unlawful payment processing

Conspiracy to operate an unlicensed money transmitting business

Operation of an unlicensed money transmitting business

Conspiracy to commit money laundering: Internet Gambling an Paymint Processing

Schemes.

Now, unfortunately, I was not able to get the case information because it has not gone on trial

yet. All the counts of illegal gambling and internet gambling fall upon Shalon and Orenstein.

When they were caught, Israel saw that they were making money off of unlicensed internet

gambling and I believe sharing the wealth with each other. Seeing these broken laws influnced

me to be a defensive hacker more than offensive. It is pretty scary to commit these crimes and in

this day and age, people will get caught during or after the attack. No amount of money is worthy

to put millions of people at risk and potentially destroying a successful business.

I have five codes of ethics that will keep me from becoming a cyber terrorist. Number

one: Not to associate with malicious hackers nor engage in any malicious activities. It is self-

explanatory but engaging in terrible actions could cause endanger thousands to millions of

people that are related to the target. Number 2: Not to be convicted in any felony, or violated

any law of the land. To be hired by a company, it is important to not have a criminal history, I

do not want a company to second guess me or withhold higher responsibilities from me


because of a past incident. To ensure ethical conduct and professional care always is number

four. It is highly important to maintain professionalism so that the company and coworkers will

take me seriously, not as a joke trying to make money from others. My last code is to never to

knowingly use software or process that was obtained or retained either illegally or unethically.

This could jeopardize the company faster than a hear beat. Using software that was illegal could

cause the company to be shut down. With these codes, I can maintain a good job and not break

any laws, that is why Josh Aaron is someone to learn from.

References:
Oded Yaron May 23, 2016 12:02 PM, By Chemi Shalev01.10.2016 6 comments 6, By Anshel
Pfeffer30.09.2016 This is a primium article 2 comments 2, By Judy Maltz30.09.2016 This is a primium
article 7 comments 7, By Anshel Pfeffer29.09.2016 This is a primium article This article contains a
video, By Haaretz28.09.2016 2 comments 2, . . . By David B. Green3 hours ago. (2016). Third suspect
arrested in U.S. stock swindle involving Israelis - Business. Retrieved October 05, 2016, from
http://www.haaretz.com/israel-news/business/.premium-1.721035

News, B. (n.d.). Charges brought in largest US financial cyber-hacking. Retrieved October 05, 2016,
from http://www.bbc.com/news/business-34782369

(2014). Retrieved October 05, 2016, from https://www.fbi.gov/wanted/cyber/joshua-samuel-aaron

Krebs on Security. (n.d.). Retrieved October 05, 2016, from http://krebsonsecurity.com/tag/joshua-


samuel-aaron/

From Frat Brothers to FBI Suspects. (n.d.). Retrieved October 05, 2016, from
http://www.bloomberg.com/news/articles/2015-08-06/from-frat-brothers-to-fbi-suspects

Digital Misfits Link JPMorgan Hack to Pump-and-Dump Fraud. (n.d.). Retrieved October 05, 2016, from
http://www.bloomberg.com/news/articles/2015-07-21/fbi-israel-make-securities-fraud-arrests-tied-
to-jpmorgan-hack

Roche, J. L. (2015). The weird Florida connection in a massive bank data breach that impacted 76
million households. Retrieved October 05, 2016, from http://www.businessinsider.com/arrests-tie-
florida-college-buddies-to-cyberattack-2015-7

Hirschauge, O. (2015). Accused Mastermind of J.P. Morgan Hack a Product of Israel's Internet
Underbelly. Retrieved October 05, 2016, from http://www.wsj.com/articles/accused-mastermind-of-
j-p-morgan-hack-a-product-of-israels-internet-underbelly-1448101982
Brendan Pierson Jun 10, 2016 1:28 AM, By Chemi Shalev01.10.2016 6 comments 6, By Anshel
Pfeffer30.09.2016 This is a primium article 2 comments 2, By Judy Maltz30.09.2016 This is a primium
article 7 comments 7, By Anshel Pfeffer29.09.2016 This is a primium article This article contains a
video, By Haaretz28.09.2016 2 comments 2, . . . By David B. Green3 hours ago. (2016). Two Israelis
plead not guilty to massive hacking heist in New York court - Israel News. Retrieved October 05, 2016,
from http://www.haaretz.com/israel-news/1.724298

R. (2016). This Story About a Florida Man Involves Bitcoin and J.P. Morgan. Retrieved October 05,
2016, from http://fortune.com/2016/04/21/florida-man-bitcoin/

Manhattan U.S. Attorney Announces Extradition Of Defendants Linked To Massive Network Intrusions
At U.S. Financial Institutions, U.S. Brokerage Firms, A Major News Publication, And Other Companies
In Furtherance Of Securities Fraud Scheme And Other Crimes. (n.d.). Retrieved October 05, 2016, from
https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-extradition-defendants-
linked-massive-network

Silver-greenberg, J., Goldstein, M., & Perlroth, N. (2014). JPMorgan Chase Hacking Affects 76 Million
Households. Retrieved October 05, 2016, from http://dealbook.nytimes.com/2014/10/02/jpmorgan-
discovers-further-cyber-security-issues/?_r=0

Goldstein, M., Perlroth, N., & Corkery, M. (2014). Neglected Server Provided Entry for JPMorgan
Hackers. Retrieved October 05, 2016, from http://dealbook.nytimes.com/2014/12/22/entry-point-of-
jpmorgan-data-breach-is-identified/

JPMorgan Says Data Breach Affected 76 Million Households. (n.d.). Retrieved October 05, 2016, from
http://www.bloomberg.com/news/articles/2014-10-02/jpmorgan-says-data-breach-affected-76-
million-households

Vous aimerez peut-être aussi