Private eye pleads guilty in probe of vast hedge fund hack


NEW YORK (BLOOMBERG) - An Israeli private investigator pleaded guilty in a probe of a vast hacking-for-hire ring that allegedly targeted hedge funds, short sellers, journalists and advocacy groups fighting climate change.

Aviram Azari entered his plea Wednesday (April 20) in federal court in Manhattan to three counts of fraud and conspiracy to commit computer hacking. Azari, 50, was accused of working with hackers who targeted potential victims with phishing e-mails. He acknowledged hiring them on behalf of his clients.

In June 2020, Bloomberg reported that United States authorities were investigating a vast hacking-for-hire operation that involved attempts to pilfer confidential communications from a variety of targets.

While it was not clear who was writing the checks to pay for the hacking, the beneficiaries included specific industries and major companies, such as the German technology firm Wirecard AG, according to cyber-security researchers and the Toronto-based research group Citizen Lab. Azari's indictment was part of the larger investigation.

On Wednesday, when asked if one of Azari's clients was an executive for the now-defunct Wirecard AG, Azari's lawyer Barry S. Zone said, "Yes." Mr Zone said the government was aware of the identities of many of Azari's clients.

Azari, who was arrested in 2019, is scheduled to be sentenced July 21. He is facing a maximum of 27 years in prison. While pleading guilty, Azari told the court that he ran an intelligence firm in Israel that provided hacking services among its offerings.

He said his firm contracted with a company in India that provided specialised hacking services. Azari said that he was paid by his clients, and he then compensated the Indian company for the hacking services.

"Clients of Mr Azari paid substantial sums for those services," said Assistant US Attorney Olga Zverovich.

Investigators are probing a ring that allegedly has offered its hacking services to target thousands of entities. They included hedge funds Coatue Management and Blue Ridge Capital, non-profit groups fighting telecommunications companies, and journalists at multiple news organisations, according to cyber-security researchers including Citizen Lab, which tracks illegal hacking and surveillance.

Azari entered the courtroom wearing green prison garb with his feet shackled. His lawyer said that he had developed "severe gastrointestinal issues" while in prison and was frequently burping as a result. Azari detailed his crimes while speaking through a Hebrew interpreter.

The India-based hackers are typically hired by private investigators and other middlemen in Israel, the US and Europe, according to the researchers. But their ultimate clients are often law firms or corporations, which may receive pilfered material under the guise of corporate intelligence or litigation preparation, according to court documents and several people familiar with the scheme.

In 2020, Citizen Lab and two other cyber-security companies tied at least some of the hacking back to an Indian company called Belltrox Infotech Services, which operates from a crowded neighbourhood of New Delhi.

Working independently, the researchers said they tracked the intrusions back to Belltrox through a series of apparent mistakes made over the years by its hackers. Belltrox did not respond to requests for comment at the time, and on Wednesday, a representative of the firm couldn't be located for comment.
