Threat Management, Vulnerability Management

Hacker pleads guilty in massive bank fraud case

Hacker Ehud Tenenbaum has pleaded guilty in connection to charges of fraud that netted millions of dollars from banks in Indiana, Florida, Texas and California, according to the U.S. Attorney's office in New York.

Tenenbaum, also known as "The Analyzer," has a long record of malicious behavior, and not only in the United States. Before pleading in this case last week, he voluntarily submitted to extradition from Canada, where he had been arrested last year in another financial fraud case. He also gained notoriety 10 years ago when he broke into NASA and Pentagon computer networks while living in Israel, authorities said.

According to an affidavit obtained by Wired, in 2007 the U.S. Secret Service began investigating the latest fraud case as part of “an international conspiracy” to hack into networks of U.S. financial institutions. The hacks, later attributed to Tenenbaum, involved SQL injection attacks that exploited vulnerabilities in database software, Wired reported.

The only charge Tenenbaum pleaded guilty to, as outlined in the indictment, was that he “…with intent to defraud, did affect transactions with one or more access devices issued to another person or persons, to wit: account numbers, to receive payment and other things of value…”

The charge carries a possible penalty of up to 15 years in prison. Tenenbaum is scheduled to be sentenced Nov. 19.

He remains in custody, Robert Nardoza, a spokesman for the U.S. Attorney's office in New York, told Wednesday. Nardoza would not comment on whether Tenenbaum had arranged a plea deal with prosecutors.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.