An extradited Russian man has been accused of hacking banks, brokers and financial companies in the United States
Andrei Tyurin has been accused of being part of a gang that deployed a “massive hacking” campaign between the years 2012 and 2015. According to experts in ethical hacking, one of the most outstanding victims was the financial company JP Morgan Chase, the attack made them lost personal and financial information of nearly 100 million customers.
The Russian citizen was extradited to the United States, where he will face charges of bank fraud and computer piracy.
Ethical hacking specialists responsible for investigating the case calculated that, in total, the gang of hackers behind the attacks on various U.S. financial institutions stole information from almost 100 million of U.S. citizens, according to a statement published by the Department of Justice (DoJ) on its website.
The DoJ states that Mr. Tyurin was a key member of the hacker gang and carried out massive attacks with the collaboration of other members. Numerous technical tricks were used to penetrate the bank accounts, affirms the accusation of the DoJ, including the well-known bug Heartbleed that can give attackers access to confidential data stored in the memory of a computer.
In addition to obtaining illicit access to customer accounts, it is believed that the group used the victims’ contact list as a way to artificially inflate the value of the companies in which their members possessed assets.
It is believed that Mr. Tyurin is one of the last members of the gang who carried out this attack campaign. Four other men have already been arrested and charged for their alleged involvement.
According to specialists in ethical hacking from the International Institute of Cyber Security, Heartbleed, the vulnerability used in that campaign, was able to compromise the secret security keys that are used to encrypt network traffic, usernames, passwords, and the content that is transmitted over the Internet. Multiple online services such as emails, instant messaging and even some VPNs were affected by this bug.
The Heartbleed vulnerability was reported on April 7, 2014, but it is believed that it already had about 2 years in active, and during all that time, malicious agents with the necessary knowledge and without possibility of being traced in any way, could have been exploiting the flaw.