Last Saturday, Anthony R. Murgio attended a college friend's wedding in Atlanta, seemingly without a care in the world.
Yet the day before, unbeknown to Murgio, federal prosecutors in Manhattan had filed two criminal complaints, under seal, that accused him and another former college classmate, Yuri Lebedev, of running an illegal bitcoin money exchange operation that enabled criminals operating online to convert the digital currency to cash.
Both men were arrested at their homes in Florida on Tuesday morning. That same day, the authorities in Israel seized two other men, who were charged with running a multiyear stock manipulation scheme. A third man was indicted but not arrested because he was not at his home in Israel.
The two cases - which on the surface appear unrelated - are the first tantalizing clues to a long-running federal investigation into the huge hacking of JPMorgan Chase's vast network last summer. That breach compromised some personal contact information for 83 million customer accounts. Federal authorities have suspected for months that some of the people arrested this week had a role in helping to carry out the attack, but have yet to officially link any of them to it.
At least three of the people charged apparently knew one another for at least a decade, going back to when they were students at Florida State University. While their potential connection to the JPMorgan attack is unclear, two of those charged were identified last fall by the FBI as having some link to the attack on the bank, people who were briefed on the matter said.
One of those people said tens of millions of customers' email addresses and phone numbers stolen from the bank may have been used as part of a subsequent stock manipulation scheme in which the accused would send spam emails promoting worthless stocks. The person said it was possible the actual hacking was done by others in Eastern Europe on the instructions of those overseeing the stock pump-and-dump scheme.
While many questions remain, what is clear is that federal authorities were forced to move much sooner than they had wanted, partly out of concern that the investigation was becoming too public and that some of those charged might try to move to countries with no formal extradition process to the United States.
On July 2, federal prosecutors sent a letter to Israeli authorities asking them to arrest three men charged with running a four-year stock manipulation scheme as soon as one of the men returned home to Tel Aviv from a trip outside the country. Prosecutors said they were concerned about news organizations making public some aspects of the investigation.
In the letter, the prosecutors said a U.S. judge had issued arrest warrants for the men on June 2, after a federal grand jury in Manhattan indicted the three on 11 counts of securities fraud in a sealed indictment. The letter from the Justice Department's Office of International Affairs included photographs of the three men and brief physical descriptions.
On Tuesday, two of the men, Gery Shalon and Ziv Orenstein, were arrested at home in Israel when prosecutors in Manhattan asked a federal judge to have the indictment made public.
The third, Joshua Samuel Aaron, was not arrested because he remained abroad and did not return to Israel by the middle of the month as federal prosecutors had expected. The authorities suspect Aaron may be in Russia, judging by photographs posted several weeks ago by his wife, Alona Chaim Aaron, on several social media accounts.
The letter asking Israel to assist with the arrests was made public during a court proceeding for Shalon, 31, and Orenstein, 41. An Israeli judge ordered both of them to remain in custody pending a hearing on Aug. 10. Aaron, 31, who was born in the United States and grew up in Maryland, lives in Tel Aviv.
In the letter to Israeli authorities, federal prosecutors said that in the past "Shalon caused the massive quantity of spam emails to be transmitted through his and Aaron's control of numerous servers, domain names, email accounts and accounts with third-party email distribution companies under Shalon's control."
Federal prosecutors said they would seek to extradite the Israeli defendants for trial in Manhattan.
In the United States, Lebedev, who lives in a town near Jacksonville, Florida, was released on Tuesday after posting a $25,000 bond. Murgio remained in custody late Thursday at the Pinellas County Jail in Clearwater, Florida, having failed to post a $100,000 bond.
Mark Barnett, a lawyer for Lebedev, declined to comment. Adam Schwartz, a lawyer for Murgio, did not return a call seeking comment.
Murgio, Aaron and Lebedev were all students at Florida State University.
In 2008, Murgio and Aaron formed a business in West Palm Beach, Florida, called Health Universe LLC. It closed about a year later.
Lebedev, 37, who graduated from Florida State with degrees in computer science and mathematics in 2004 and 2008, lists himself as a software architect for company led by Murgio's brother.
Murgio, 31, who graduated with a degree in marketing in 2007, had run a number of failed restaurant businesses and other ventures. In 2012, then living in Tallahassee, Murgio filed for bankruptcy, claiming he had $545,000 in debts.
Aaron, who majored in real estate, left Florida State in 2005 without a degree, a university spokesman said. For a time he ran a small business called Josh Aaron LLC out of his parents' home in Potomac, Maryland, before moving to Israel.
Federal prosecutors contend that Murgio and Lebedev went into the bitcoin money exchange business in 2013, providing a platform for criminals who put malicious malware on computers and then demand a ransom payment in bitcoin to unfreeze those computers.
The prosecutors said Murgio and Lebedev sought to conceal their money transfer activities by taking effective control of a small credit union in New Jersey that mainly served low-income members.
They did not identify the credit union, but people briefed on the matter said it is Helping Other People Excel Federal Credit Union in Jackson, New Jersey. Charles E. Blue Sr., the credit union's chief executive, said, "We cannot comment on ongoing investigations."
It is not clear how Aaron became associated with Shalon and Orenstein. Federal authorities contend that the men began orchestrating so-called pump-and-dump penny stock schemes in 2011.
In pump-and-dumps, promoters drive up the price of worthless stocks and pitch them to unsuspecting investors. The organizers then sell the shares before the price crashes.
In an odd twist, Aaron's elderly grandparents in Maryland were almost victims of fraud in 2012. Late that year, a person called up pretending to be a relative and demanding money. In this case, the caller claimed to be Aaron and said he was in jail in Greece and needed $3,500.
It is a familiar ruse that consumer advocates have called the "grandparent scam." But Aaron's grandparents knew that the caller was not their grandson and that the story was a hoax. The couple reported it to consumer affairs officials in Montgomery County, Maryland. At the time, the attempted fraud drew some media coverage about the danger of such swindles.
© 2015, The New York Times News Service