Russian in Bank Hack Faces 15 to 20 Years, U.S. Says

A Russian who admitted carrying out one of the largest known cyberattacks against a U.S. bank is a “brazen and prolific” hacker who should serve as long as almost two decades in prison, U.S. prosecutors told a federal judge in advance of his sentencing.

Andrei Tyurin pleaded guilty in September 2019 to charges that he stole data on more than 80 million clients of JPMorgan Chase & Co. and other institutions as part of a scheme that netted hundreds of millions of dollars in ill-gotten gains.

Prosecutors said he worked with an Israeli citizen, Gery Shalon, to steal customer information from 12 financial news companies, banks and other financial firms, including Fidelity Investments, E-Trade Financial and Dow Jones & Co. His co-conspirators used the information to ply customers with spam emails promoting stocks in hopes of profiting from upswings.

In a memo filed on Tuesday, the government urged U.S. District Judge Laura Taylor Swain in Manhattan to hand down a punishment consistent with federal sentencing guidelines, under a plea agreement, when Tyurin is sentenced on Dec. 3. The guidelines call for him to spend from 15 years and eight months to 19 years and seven months in prison.

‘Enormous Destructive Impact’

Prosecutors said Tyurin was paid $19 million for his work, scheming with Shalon to destroy evidence that might lead to their apprehension, and should serve a sentence that reflects the “enormous destructive impact” of his hacking.

“Tyurin executed his crimes deliberately and over an extended period of time, and did so primarily for his own self-enrichment,” prosecutors said. “Using his specialized technical skills, Tyurin was able to infiltrate and steal from some of the world’s most sophisticated financial institutions based in the United States, profiting from his thefts while working in anonymity thousands of miles away in Russia.”

Tyurin was taken into custody in 2018 in the Republic of Georgia and extradited to the U.S. An accountant, Ziv Orenstein, was spared further prison time in October after helping prosecutors unravel Shalon’s criminal enterprise. Orenstein was Shalon’s top lieutenant in a group that allegedly stole information on millions of customers of the banks and publishing firms and used it to generate hundreds of millions of dollars in illicit proceeds from pump-and-dump stock scams and online gambling.

‘Shalon’s Employee’

Shalon and Orenstein were arrested in Israel in 2015 and extradited to the U.S. in 2016. While Shalon’s case hasn’t been resolved, people familiar with it have said Shalon is cooperating with authorities. Orenstein pleaded guilty in 2016 and spent 13 months in custody.

Tyurin’s lawyers asked the judge to impose a sentence below the guidelines, saying prosecutors had inflated their client’s role in the criminal operation. While Tyurin “played an integral role” in Shalon’s schemes, and his hacking gave him illegal access to computer systems that helped him maximize profits, he was hardly a partner in the enterprise, they said.

“Mr. Tyurin was Shalon’s employee,” his lawyers said in a court filing. “He worked at Shalon’s direction, not on his own initiative. He was paid by Shalon. The ideas about which companies to hack to further Shalon’s interests all came from Shalon.”

They said it is “no surprise that in a seven-year criminal relationship, in which the boss relied on the technical expertise of his employee, there would be occasional dialogue about best approaches, or mutual brainstorming on how to accomplish a particular goal.” They argued that doesn’t “transform the employee with technical expertise into a partner.”

Joshua Aaron, an American who allegedly conspired with Shalon and Orenstein, was detained by Russian authorities in 2015 and returned to the U.S. to face charges. He denies wrongdoing.

The case is U.S. v. Shalon, 15-cr-00333, U.S. District Court, Southern District of New York (Manhattan).

©2020 Bloomberg L.P.

BQ Install

Bloomberg Quint

Add BloombergQuint App to Home screen.