Mario Draghi, president of the European Central Bank, and former Italian Prime Minister Matteo Renzi were among those hacked in a cyber-spying operation that targeted more than 18,000 e-mail accounts, according to a court document seen by Bloomberg.
Operation “Eye Pyramid” revealed cyber-spying of institutions, state agencies, professionals, political figures and business people lasting for years, Italian police said in an e-mailed statement Tuesday. Police said two people were arrested: a nuclear engineer and his sister, both living in Rome and well-known in Roman financial circles.
The alleged hackers acted “with the aim of making a profit for themselves or for others,” the court document says. The Italian police inquiry was aided by the U.S. Federal Bureau of Investigation, which said the hackers targeted victims in the U.S. and Europe.
Draghi’s e-mail at the Bank of Italy was hacked in the summer of 2016, according to the suspects’ arrest warrant issued by Rome pre-trial Judge Maria Paola Tomaselli. Draghi served as governor of the Italian central bank from 2005 to 2011. An e-mail account belonging to Renzi was also hacked, the document says.
Among the hackers’ targets were oil group Eni SpA, multinational power company Enel SpA and technology company Leonardo Finmeccanica SpA, the court document shows. Political parties, law firms, politicians and ministries were also targeted.
The suspects tried to obtain confidential and sensitive data, especially on banks, at the ECB in Frankfurt and at the Bank of Italy in Rome, according to a person familiar with the investigation, speaking on the condition of not being identified by name.
The two arrested are suspected of obtaining information on national security, serious illegal access to a computer system and illicit interception of computer communications in an investigation led by Rome prosecutors, an Italian police statement said.
Thanks to a wide network of computers infected with malware called “Eyepyramid,” the pair allegedly obtained from a large number of victims “confidential information and sensitive data over many years” which was stored on U.S. servers, according to the police statement.
Italian police, working with the Cyber Division of the U.S. FBI, have seized the servers, it added. The FBI said in a statement Tuesday that the U.S. Justice Department also provided support to the inquiry.
The network targeted individuals who possessed particularly sensitive or strategic data, or “of particular value for those working in specific financial circles,” the statement said.
With all of that background in mind, next recall that Italy has a national nervousness about Freemasons left over from the enormity and seriousness of the P2 lodge scandal in the 1980s, which, in part, involved Italian banking officials with a loudly trumpeted connection to Freemasonry. So, Italians have a built-in radar that snaps to life when something deviously malevolent called “Eye Pyramid” comes to light. Especially since the Grand Orient of Italy’s official seal contains that very imagery. And this time, it turns out, there is indeed a very high-profile Masonic connection with this story.
Giulio Occhionero, a trained nuclear engineer and co-founder of investment firm Westland Securities, used a malware to infect the email accounts so that he could make “investments based on reserved information,” Di Legami said.
Draghi’s account at the Bank of Italy, where he was previously governor, and Renzi’s personal Apple account that he used while he was prime minister were among those infected by the malware, according to the arrest warrant. Renzi’s official email as prime minister was also targeted, Di Legami said.
Occhionero was a high-ranking member of a Masonic lodge, which in Italy are shrouded in secrecy, and among those he monitored was the grand master of the country’s biggest lodge, the arrest warrant said.
Occhionero, which means black-eye in Italian, used a customised malware called “EyePyramid”, a reference to the all-seeing eye of God like the one depicted on the back of the U.S. dollar bill.
The stolen data was stored in servers in Prior Lake, Minnesota, and Salt Lake City, Utah, the court document showed.
The Federal Bureau of Investigation has seized the servers and will ship them to Italy, Di Legami said.
While most of the hacking appears to have been focused on the email accounts, there was evidence that he had managed to install a keylogger on some computers, allowing him to see every keystroke, the warrant showed.
The investigation began when an infected email was detected in April, 2016, though there is evidence the two had been using the malware to spy since 2010.
Investigations so far show some 18,000 accounts may have been hacked, and some 2,000 user passwords identified.
Email addresses at important corporate law firms, accounting companies, finance police officials, economy ministry officials, Vatican offices, labour unions, and even credit recovery groups were also put under surveillance, according to the warrant.
Despite its name sounding otherwise, the grand lodges throughout the United States all recognize the Grand Orient of Italy (Grande Oriente d’Italia) as regular. (The only two U.S. exceptions to this are the MW Prince Hall Grand Lodges of Colorado and Oklahoma.) However, the UGLE does not, and recognizes instead the Regular Grand Lodge of Italy. There was – and remains – controversy over their decision to do that in 1972. Nevertheless, the GO of Italy was established in 1805 and is the largest body of regular Freemasonry in that nation, with more than 22,000 members in 843 lodges.
Freemasonry in Italy has had a tumultuous past, and was banned in 1925 by Mussolini after declared himself dictator. After the war when Masonry was permitted to function again, it was rocked again by the very high profile case of the P2 lodge scandal. The precursor to Propaganda Due lodge was founded in 1877, and was chartered at the end of WWII in 1945 by the Grand Orient. But following allegations of corruption within the lodge, its charter was revoked between 1974-76. Regardless, P2 continued to operate as a secret organization patterned after a Masonic lodge. In the 1980s, it became deeply implicated in numerous crimes and plots, including the collapse of the Vatican affiliated Banco Ambrosiano, the mysterious death in London of Italian banker Roberto Calvi under Blackfriars Bridge, the murder of journalist Mino Pecorelli, and other corruption cases involving a nationwide Italian government bribery scandal.
For more information: Go to Source