Anti-Fraud Firm G2 Said Among Victims of Ring That Hit Banks

  • Hackers spied on firm to stay ahead of it, U.S. alleged
  • Breach allegedly helped ring's money-laundering efforts

The merchant-risk intelligence firm whose network breach was described this week by federal prosecutors in Manhattan is G2 Web Services LLC, a person briefed on the matter said Friday.

A global criminal ring bolstered its money-laundering operations by overseeing the hack of a company whose services include detecting credit-card fraud, according to a Nov. 10 indictment that tied suspects to the 2014 breach of JPMorgan Chase & Co. customer data. The merchant security firm -- identified in the indictment only as Victim 12 of Bellevue, Washington -- was mined by hackers seeking details that would help the ring stay a step ahead of fraud-fighting efforts.

Victim 12 was G2, said the person briefed on the matter, asking not to be identified because the information hasn’t been disclosed publicly. The company didn’t respond to e-mails and telephone requests for comment placed to at least three of its officials over several days. The website Krebs on Security, citing sources it didn’t identify, reported earlier Friday that G2 was among victims of the hackers.

The purported hack was part of an illicit operation revealed by the office of Manhattan U.S. Attorney Preet Bharara, which accused a 31-year-old Israeli of overseeing a digital criminal enterprise behind pump-and-dump schemes and an Internet gambling empire. The ring also stole information relating to more than 100 million customer accounts at banks, mutual fund companies and publishers, according to this week’s indictment of Gery Shalon and two others.

Undercover Purchases

Hackers infiltrated the Bellevue firm in 2012, according to the indictment. The goal of the group was to monitor the firm’s internal communications to determine which credit cards its employees were using to make undercover purchases to detect unlawful merchants, according to the indictment.

The ring allegedly collected fees by helping criminals launder money, routing payments through what looked like online sites selling wedding dresses and pet supplies. It learned which card numbers the Bellevue firm was using to detect illegal activity and then blacklisted those cards to prevent the hacking operation from being discovered, according to the indictment.

Banks and other financial firms often hire intelligence firms such as G2 to help catch thieves and detect merchants accepting credit cards for illegal goods and services. That conspirators managed to infiltrate one of the industry’s last lines of defense surprised some analysts.

“Criminals study their targets, they know the defense mechanisms that are in place to catch them," said Julie Conroy, a security specialist at payments researcher Aite Group. “Those firms on the front lines -- they need to be applying stronger protections than the processors themselves.”

The hackers’ tactics illustrate the challenges facing banks and credit-card processors already under heightened pressure to detect suspicious transactions and thwart money laundering. Big banks around the world have pledged to step up their efforts, in some cases while paying billions of dollars in fines for past failings. But this week’s indictments show how quickly criminals are evolving to stay ahead.

Before it's here, it's on the Bloomberg Terminal.