Hacker who targeted JPMorgan and E*Trade gets prison term
A Russian hacker who targeted J.P. Morgan Chase Bank, E*Trade, Scottrade, and the Wall Street Journal was sentenced to prison.
On Thursday, Andrei Tyurin was sentenced in Manhattan federal court to 144 months in prison for computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses in connection with his involvement in a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other American companies.
Tyurin is charged with committing these crimes with Gery Shalon, a/k/a “Garri Shalelashvili,” a/k/a “Gabriel,” a/k/a “Gabi,” a/k/a “Phillipe Mousset,” a/k/a “Christopher Engeham,” Joshua Samuel Aaron, a/k/a “Mike Shields,” and Ziv Orenstein, a/k/a “Aviv Stein,” a/k/a “John Avery,” in furtherance of securities market manipulation, illegal online gambling, and payment processing fraud schemes. Tyurin previously pleaded guilty to these charges.
From approximately 2012 to mid-2015, Tyurin engaged in an extensive computer hacking campaign targeting financial institutions, brokerage firms, and financial news publishers in the U.S. and was responsible for the theft of personal information of over 100 million customers of the victim companies. His hack of J.P. Morgan Chase Bank alone resulted in the theft of personal information of over 80 million customers.
Tyurin engaged in these crimes at the direction of his partner Gery Shalon, and in furtherance of other criminal schemes overseen and operated by Shalon and his co-conspirators, including securities fraud schemes in the United States. For example, in an effort to artificially inflate the price of certain stocks publicly traded in the U.S., Shalon and his co-conspirators marketed the stocks in a deceptive and misleading manner to customers of the victim companies whose contact information Tyurin stole in the intrusions.
In addition to the U.S. financial sector hacks, from approximately 2007 to mid-2015 Tyurin also conducted cyberattacks against numerous U.S. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.
Tyurin’s hacking activity included the targeting of companies known to be used for email marketing campaigns, competitor online casinos, and a merchant risk intelligence firm based in the United States, in order for the co-conspirators to monitor the firm’s efforts to audit potentially criminal online credit card transactions on behalf of major credit card networks, and thus avoid detection of their own criminal schemes.
The hacker used computer infrastructure located across five continents, which he controlled from his home in Moscow, and maintained persistent access over extended periods of time to the victims’ networks, regularly refreshing the stolen data by repeatedly downloading information from these companies. And once his hacking activities were detected, Tyurin worked with Shalon to destroy the evidence of their criminal activity and undermine U.S. law enforcement’s efforts to identify and arrest them.
Through these various criminal schemes, Tyurin, Shalon, and their co-conspirators obtained hundreds of millions of dollars in illicit proceeds, and Tyurin himself earned over $19 million in profits from his hacking activity.
In addition to the prison term, Tyurin was ordered to serve three years of supervised release, and to pay forfeiture in the amount of $19,214,956.