Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced today that ANDREI TYURIN, a/k/a “Andrei Tiurin,” pled guilty in Manhattan federal court to computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses in connection with his involvement in a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other American companies.  These hacks included one of the largest thefts of customer data from a U.S. financial institution in history.  TYURIN is charged with committing these crimes with Gery Shalon, a/k/a “Garri Shalelashvili,” a/k/a “Gabriel,” a/k/a “Gabi,” a/k/a “Phillipe Mousset,” a/k/a “Christopher Engeham”; Joshua Samuel Aaron, a/k/a “Mike Shields”; and Ziv Orenstein, a/k/a “Aviv Stein,” a/k/a “John Avery,” in furtherance of securities market manipulation, illegal online gambling, and payment processing fraud schemes perpetrated by Shalon, Aaron, Orenstein, and their co-conspirators.  TYURIN pled guilty before U.S. District Judge Laura Taylor Swain. 

Manhattan U.S. Attorney Geoffrey S. Berman said:  “Andrei Tyurin’s extensive hacking campaign targeted major financial institutions, brokerage firms, news agencies, and other companies.  Ultimately, he gathered the customer data of more than 80 million victims, one of the largest thefts of U.S. customer data from a single financial institution in history.  With today’s plea, Tyurin’s global reign of computer intrusion is over and he faces significant time in a U.S. prison for his crimes.”

According to the allegations contained in the Indictments to which TYURIN pled guilty, other filings in this case, and statements made during court proceedings, including TYURIN’s guilty plea hearing:

From approximately 2012 to mid-2015, TYURIN engaged in an extensive computer hacking campaign targeting financial institutions, brokerage firms, and financial news publishers in the U.S., including the theft of personal information of over 100 million customers of the victim companies.  TYURIN’s hack of one financial institution headquartered in Manhattan resulted in the theft of personal information of over 80 million customers, making it one of the largest theft of customer data from a U.S. financial institution in history.  TYURIN engaged in these crimes at the direction of Shalon and in furtherance of other criminal schemes overseen and operated by Shalon and his co-conspirators, including securities fraud schemes in the United States.  For example, in an effort to artificially inflate the price of certain stocks publicly traded in the U.S., Shalon and his co-conspirators marketed the stocks in a deceptive and misleading manner to customers of the victim companies whose contact information TYURIN stole in the intrusions.

In addition to the U.S. financial sector hacks, TYURIN also conducted cyberattacks against numerous U.S. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.  Nearly all of these illegal businesses, like the securities market manipulation schemes, exploited the fruits of TYURIN’s computer hacking campaigns.  Through these various criminal schemes, TYURIN, Shalon, and their co-conspirators obtained hundreds of millions of dollars in illicit proceeds.

*                *                *

TYURIN, 35, of Moscow, Russia, pled guilty to one count of conspiracy to commit computer hacking, which carries a maximum sentence of five years in prison; one count of wire fraud, which carries a maximum sentence of 20 years in prison; one count of conspiracy to violate the Unlawful Internet Gambling Enforcement Act, which carries a maximum sentence of five years in prison; and one count of conspiracy to commit wire fraud and bank fraud, which carries a maximum sentence of 30 years in prison.  In addition, TYURIN pled guilty to one count of conspiracy to commit wire fraud, which carries a maximum sentence of 30 years in prison; and one count of conspiracy to commit computer hacking, which carries a maximum sentence of five years prison, which was transferred from the Northern District of Georgia for purposes of his plea. 

TYURIN is scheduled to be sentenced by Judge Swain on February 13, 2020.

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by Judge Swain.

Mr. Berman praised the investigative work of the FBI and the U.S. Secret Service, and expressed his sincere gratitude to the Chief Prosecutor’s Office of Georgia and the Ministry of Justice of Georgia for their support and assistance with the extradition proceedings.  He also thanked the Securities and Exchange Commission, Homeland Security Investigations, the Financial Industry Regulatory Authority, the Office of International Affairs of the U.S. Department of Justice for its assistance with the extradition, and the Financial Services Information Sharing and Analysis Center, which significantly aided the investigation by facilitating information-sharing among the victim institutions.

The prosecution of this case is being overseen by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorneys Eun Young Choi, Noah Solowiejczyk, and Sarah Lai are in charge of the prosecution.

Geoffrey S. Berman, the United States Attorney for the Southern District of New York, William F. Sweeney, Jr., the Assistant Director-in-Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), and David E. Beach, Special Agent in Charge of the U.S. Secret Service New York Field Office (“USSS”) announced today that ANDREI TYURIN, a/k/a “Andrei Tiurin,” was extradited from the country of Georgia.  TYURIN was arrested by Georgian authorities at the request of the United States for charges arising from his participation in a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other American companies.  These hacks included the largest theft of customer data from a U.S. financial institution in history.  TYURIN is charged with committing these crimes with Gery Shalon, a/k/a “Garri Shalelashvili,” a/k/a “Gabriel,” a/k/a “Gabi,” a/k/a “Phillipe Mousset,” a/k/a “Christopher Engeham”; Joshua Samuel Aaron, a/k/a “Mike Shields”; and Ziv Orenstein, a/k/a “Aviv Stein,” a/k/a “John Avery,” in furtherance of securities market manipulation, illegal online gambling, and payment processing fraud schemes perpetrated by Shalon, Aaron, Orenstein, and their co-conspirators. 

TYURIN, a Russian citizen, arrived in the Southern District of New York earlier today, and will be presented this afternoon in Manhattan federal court before United States Magistrate Judge Henry B. Pitman.  TYURIN is expected to appear before United States District Judge Laura Taylor Swain on September 25, 2018, at 2:00 PM. 

Manhattan U.S. Attorney Geoffrey S. Berman said:  “Andrei Tyurin, a Russian national, is alleged to have participated in a global hacking campaign that targeted major financial institutions, brokerage firms, news agencies, and other companies.  Tyurin’s alleged hacking activities were so prolific, they lay claim to the largest theft of U.S. customer data from a single financial institution in history, accounting for a staggering 80 million-plus victims.  As Americans increasingly turn to online banking, theft of online personal information can cause devastating effects on their financial wellbeing, sometimes taking years to recover.  Today’s extradition marks a significant milestone for law enforcement in the fight against cyber intrusions targeting our critical financial institutions.”

FBI Assistant Director William F. Sweeney Jr. said:  “Andrei Tyurin allegedly engaged in a long-running effort to hack into the systems of U.S. based financial institutions, brokerage firms and financial news publishers, all from the perceived safety of operating outside our borders.  As alleged, his illegal acts included the historically largest theft of customer data from a U.S. financial institution.  Today’s charges and extradition should serve as a lesson to all those who would conspire to engage in similar activity that the FBI and our partners will continue to bring these hackers to justice, regardless of where they may hide.  I’d like to specifically thank our partners with the United States Secret Service, whose collaboration was crucial to seeing this case to fruition.”

U.S. Secret Service Special Agent in Charge David E. Beach said:  “This case represents the core of the U.S. Secret Service’s integrated mission to secure our nation’s cyber related financial infrastructure and protect our nation’s leadership.  The collaboration between the Secret Service New York Field Office Electronic Crimes Task Force, FBI New York Office Cyber Division and our global law enforcement partners demonstrates the commitment to combating cyber-enabled financial crimes and ensuring those responsible are held accountable.”

According to the allegations contained in the superseding indictments unsealed today in Manhattan federal court[1], other filings in this case, and statements made during court proceedings:

From approximately 2012 to mid-2015, TYURIN engaged in an extensive computer hacking campaign targeting financial institutions, brokerage firms, and financial news publishers in the United States, including the theft of personal information of over 100 million customers of the victim companies.  TYURIN’s hack of one financial institution headquartered in Manhattan resulted in the theft of personal information of over 80 million customers, making it the largest theft of customer data from a U.S. financial institution in history.  TYURIN engaged in these crimes at the direction of Shalon and in furtherance of other criminal schemes overseen and operated by Shalon and his co-conspirators, including securities fraud schemes in the United States.  For example, in an effort artificially to inflate the price of certain stocks publicly traded in the United States, Shalon and his co-conspirators marketed the stocks in a deceptive and misleading manner to customers of the victim companies whose contact information TYURIN stole in the intrusions.

In addition to the U.S. financial sector hacks, TYURIN also conducted cyberattacks against numerous U.S. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.  Nearly all of these illegal businesses, like the securities market manipulation schemes, exploited the fruits of TYURIN’s computer hacking campaigns.  Through these various criminal schemes, TYURIN, Shalon, and their co-conspirators obtained hundreds of millions of dollars in illicit proceeds.

*                *                *

TYURIN, 35, of Moscow, Russia, is charged with one count of conspiracy to commit computer hacking, which carries a maximum prison term of five years; one count of wire fraud, which carries a maximum prison term of 30 years; four counts of computer hacking, each of which carries a maximum prison term of five years; one count of conspiracy to commit securities fraud, which carries a maximum prison term of five years; one count of conspiracy to violate the Unlawful Internet Gambling Enforcement Act, which carries a maximum prison term of five years; one count of conspiracy to commit wire fraud and bank fraud, which carries a maximum prison term of 30 years; and aggravated identity theft, which carries a mandatory consecutive term of imprisonment of two years. 

The maximum potential sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by Judge Swain.

Mr. Berman praised the investigative work of the Federal Bureau of Investigation and the U.S. Secret Service, and expressed his sincere gratitude to the Chief Prosecutor’s Office of Georgia and the Ministry of Justice of Georgia for their support and assistance with the extradition proceedings.  He also thanked the Securities and Exchange Commission, Homeland Security Investigations, the Financial Industry Regulatory Authority, the Office of International Affairs of the U.S. Department of Justice for its assistance with the extradition, and the Financial Services Information Sharing and Analysis Center, which significantly aided the investigation by facilitating information-sharing among the victim institutions.

The prosecution of this case is being overseen by the Office’s Complex Frauds and Cybercrime Unit.  Assistant U.S. Attorneys Eun Young Choi, Noah Solowiejczyk, and Sarah Lai are in charge of the prosecution.  Assistant U.S. Attorney Daniel Tracer is in charge of the forfeiture aspects of the case.

The charges contained in the indictments are merely accusations and TYURIN is presumed innocent unless and until proven guilty.

 





[1] As the introductory phrase signifies, the entirety of the texts of the Superseding Indictments and the descriptions of the Superseding Indictments set forth below constitute only allegations, and every fact described should be treated as an allegation.