Hackers bombarded a UK hedge fund manager with 3,000 emails and false information about his mortgage in a bid to destroy his reputation after he was hired by a rival firm.

Criminals even sought to obtain personal information about Matthew Earl by impersonating his sister during a three-year campaign when he raised concerns about controversial German payments company Wirecard.

Mr Earl, a former City analyst who runs hedge fund ShadowFall, said he was being targeted by a group called Dark Basin.

This group has been linked to Aviram Azari, who pleaded guilty this week in New York to conspiring to target journalists and critics of Wirecard using phishing emails.

Mr Earl said the hacking attempts began in 2016 after ShadowFall, dubbed the “dark destroyer” in the city, criticized Wirecard’s financial performance. The German company was then mired in a series of accounting scandals and went bankrupt.

He said: “I was receiving very targeted emails, containing personal information about my interests, friends and family details. They were very specific.

Mr Earl received reports that appeared to come from outlets such as Reuters and Bloomberg. Another email appears to have been sent by his sister, sharing family photos, he added.

He said: “There was even one that claimed to be an expose on my mortgage.

“Why would anyone be interested in my mortgage, I don’t know. It was a whole range of things, and they came in droves and quickly. Some days I received 3-10 targeted emails.

Mr Earl said he gave evidence to the Federal Bureau of Investigation and the US Department of Justice in 2018 about the hacking attempts, and was identified as a “possible victim of a crime”.

He also shared emails with Citizen Lab, part of the Munk School at the University of Toronto.

Citizen Lab then published a report on Dark Basin, a hack-for-hire group that targeted thousands of individuals and hundreds of institutions on six continents.

They linked Dark Basin “with great confidence” to the Indian company BellTroX InfoTech Services, which is believed to be linked to Mr Azari’s case.

Reign of terror as hired hackers step up corporate espionage

By Helen Cahill

Aviram Azari was this week bused to one of New York’s most notorious prisons.

The former private detective turned cybercriminal had been freely conducting corporate espionage for at least five years for high-end shadowy clients. He worked as part of a network of for-hire hackers who allegedly lent his services to target thousands of companies and individuals, with victims including some of the world’s largest hedge funds, journalists and eco-activists.

Having lived in the midst of the murky world of corporate espionage, Azari is now waiting to find out how long he will spend behind bars.

This week he pleaded guilty to three counts of fraud and conspiracy to gain access to private computers, admitting wrongdoing in his role as an intermediary in the hacking scheme.

After admitting the charges in federal court in Manhattan, the 50-year-old will be held without bond at the Metropolitan Detention Center in Brooklyn – the same facility Ghislane Maxwell was held at before she was convicted of sex trafficking girls for Jeffrey Epstein – until July 21.

Experts say the Azari case is just a small part of a growing trend of hiring hackers to obtain information through corporate espionage. The market has been labeled as a growing threat as customers can enjoy minimal risk due to the opaque nature of the schemes.

So-called hack-for-hire groups are often approached by private investigators commissioned by governments, companies in the legal or financial sector, for example, who then use the information to shed light on takeover attempts and cases. judicial.

Manhattan federal court charged Azari with carrying out a program of cyberattacks against hundreds of victims in the Southern District of New York and beyond. He said he sent fake emails to targets tricking them into entering their key account usernames and passwords on websites controlled by Azari and his conspirators. He was also ordered to return all the money earned from the scheme.

Alan Woodward, a cybersecurity expert at the University of Surrey, says Azari’s case is just the “tip of the iceberg”.

Woodward adds: “He and others are tapping into a trend that has grown in recent years called ‘crime as a service’.

“Those who sponsor the hack don’t necessarily have the skills to do it, so they hire other people to do it for them.

“It’s also extremely tempting for private investigators to use these hackers for hire because so much of what they want for corporate espionage comes in electronic form. Can you name a company that still uses paper ?”

Azari’s guilty plea is part of a larger investigation into a hacking network, BellTroX InfoTech Services, believed to be based in New Delhi, which allegedly infiltrated thousands of entities. These have included hedge funds Blue Ridge Capital and Coatue Management, according to Citizen Lab cyber researchers.

The group also targeted high-profile London-based hedge fund ShadowFall, run by Matthew Earl, which was short-selling disgraced German firm Wirecard. The payments company collapsed in June 2020 before its creditors $4bn (£3bn) after a Financial Times investigation uncovered major internal fraud. Azari’s attorney, Barry Zone, said his client’s accusations relate to work done for Wirecard. He added that his client was not cooperating with the US government on the investigation.