(Bloomberg) — An Israeli private investigator pleaded guilty in a probe of a vast hacking-for-hire ring that allegedly targeted hedge funds, short sellers, journalists and advocacy groups fighting climate change.
Most Read from Bloomberg
Aviram Azari entered his plea Wednesday in federal court in Manhattan to three counts of fraud and conspiracy to commit computer hacking. Azari, 50, was accused of working with hackers who targeted potential victims with phishing emails. He acknowledged hiring them on behalf of his clients.
In June 2020, Bloomberg reported that U.S. authorities were investigating a vast hacking-for-hire operation that involved attempts to pilfer confidential communications from a variety of targets.
While it wasn’t clear who was writing the checks to pay for the hacking, the beneficiaries included specific industries and major companies, such as the German technology firm Wirecard AG, according to cybersecurity researchers and the Toronto-based research group Citizen Lab. Azari’s indictment was part of the larger investigation.
On Wednesday, when asked if one of Azari’s client’s was an executive for the now defunct Wirecard AG, Azari’s lawyer, Barry S. Zone, said, “Yes.” Zone said the government was aware of the identities of many of Azari’s clients.
Azari, who was arrested in 2019, is scheduled to be sentenced July 21. He is facing a maximum of 27 years in prison.
While pleading guilty, Azari told the court that he ran an intelligence firm in Israel that provided hacking services among its offerings. He said his firm contracted with a company in India that provided specialized hacking services. Azari said that he was paid by his clients, and he then compensated the Indian company for the hacking services.
“Clients of Mr. Azari paid substantial sums for those services,” said Assistant U.S. Attorney Olga Zverovich.
Investigators are probing a ring that allegedly has offered its hacking services to target thousands of entities. They included hedge funds Coatue Management LLC and Blue Ridge Capital LLC, nonprofit groups fighting telecommunications companies, and journalists at multiple news organizations, according to cybersecurity researchers including Citizen Lab, which tracks illegal hacking and surveillance.
Azari entered the courtroom wearing green prison garb with his feet shackled. His lawyer said that he had developed “severe gastrointestinal issues” while in prison and was frequently burping as a result. Azari detailed his crimes while speaking through a Hebrew interpreter.
Read More: U.S. Investigating Vast Hacker-for-Hire Scheme Traced to India
The India-based hackers are typically are hired by private investigators and other middlemen in Israel, the U.S. and Europe, according to the researchers. But their ultimate clients are often law firms or corporations, which may receive pilfered material under the guise of corporate intelligence or litigation preparation, according to court documents and several people familiar with the scheme.
In 2020, Citizen Lab and two other cybersecurity companies tied at least some of the hacking back to an Indian company called Belltrox Infotech Services, which operates from a crowded neighborhood of New Delhi. Working independently, the researchers said they tracked the intrusions back to Belltrox through a series of apparent mistakes made over the years by its hackers. Belltrox didn’t respond to requests for comment at the time, and on Wednesday, a representative of the firm couldn’t be located for comment.
The case is U.S. v. Azari, 19-cr-00610, U.S. District Court, Southern District of New York (Manhattan).
(Updates with additional details throughout.)
Most Read from Bloomberg Businessweek
©2022 Bloomberg L.P.