An Israeli private detective has pleaded guilty to involvement in a hacker-for-hire scheme that targeted journalists and critics of disgraced German payments company Wirecard.
Aviram Azari pleaded guilty in a New York court to charges of wire fraud, conspiracy to commit hacking and aggravated identity theft.
His lawyer, Barry Zone, told Reuters that Azari had admitted wrongdoing as a middleman in the hacking scheme, but was not cooperating with prosecutors.
Zone said the charges relate to work for Wirecard.
Federal prosecutors said Azari, who has been detained in New York since 2019, organised a series of hacking missions on behalf of unnamed third parties against American companies based in the city from 2014 to 2019.
He used fake websites and elaborately personalised phishing messages to steal email account credentials, they said.
Five people familiar with the case told Reuters Azari was being charged in relation to the activities of New Delhi-based BellTroX InfoTech Services, which allegedly carried out hacks on behalf of its clients.
It is the first successful prosecution since Wirecard’s collapse in June 2020, when the company filed for insolvency owing creditors almost $4 billion (£3bn), after disclosing a $1.9bn hole in its books that accountants EY said was the result of a sophisticated global fraud.
Wirecard chief operating officer remains a fugitive from justice whom German authorities believe is hiding in Moscow.
The trials in Germany of three former Wirecard executives, including chief executive Markus Braun, are expected to begin later this year.
Braun is charged with fraud, breach of trust, account rigging and market manipulation but has denied wrongdoing.
BellTrox is allegedly behind hacking campaigns targeting lawyers, government officials, businessmen, investors and activists around the world. The company has previously denied being involved in hacking.
Citizen Lab, a human rights group based at the University of Toronto’s Munk School of Global Affairs, has said it believes BellTrox is responsible for the campaigns, which it said were carried out on behalf of companies such as ExxonMobil and Wirecard.
In a 2020 report the group said hackers had created “spear phishing” emails tied to more than 28,000 personalised web pages to steal passwords.
Environmental campaigners targeted by the hacks include the Rockefeller Family Fund, the Climate Investigations Center, Greenpeace, the Conservation Law Foundation and the Union of Concerned Scientists, according to Citizen Lab.
John Scott Railton, lead researcher on the project at Citizen Lab, said the case exposed an ecosystem of hacking and called for American corporations that allegedly paid Azari to face justice.
ExxonMobil has said it had “no knowledge of, or involvement in” the hacking activities.