Extradited Russian Hacker Linked to Affactive Online-Gambling Fraud Group
The US Attorney’s Office for the Southern District of New York announced today the extradition from Georgia of a notorious Russian hacker, Andrei Tyurin, long wanted in connection with a massive string of computer-based attacks that targeted major US financial institutions. Tyurin’s activities are also part of the widespread online gambling fraud conducted by the Affactive and Revenue Jet online-casino and affiliate operations whose no-pay gambling sites bilked consumers out of millions of dollars earlier in the decade.
The successful extradition of Tyurin (also spelled “Tiurin”) continues the global enforcement efforts against the hacking and criminal group led by Israeli nationals Gery Shalon and Ziv Orenstein, along with American citizen Joshua Samuel Aaron. These three, along with Tyurin and several others, formed an international criminal ring with wide-ranging illicit activities. The hacks orchestrated by Tyurin and the others, according to the Manhattan USAG office’s statement, represented “the largest theft of customer data from a U.S. financial institution in history,” that of JP Morgan Chase.
Those hacking efforts targeted such firms as JP Morgan Chase, TD Ameritrade, Scottrade, e-Trade, and Fidelity, yet they were but one aspect of the ring’s criminal activities. There were also fraudulent penny-stock “pump and dump” campaigns spammed out to the many thousands of financial investors whose contact and personal information was stolen in the hacking attacks.
And then there was the whole online-gambling angle, centered on Affactive, later known as Jet Revenue and as Netad Management. The Shalon-led companies operated a string of worthless online casinos and related affiliate operations, with the fraudulent Netad sites known to include Win Palace Casino, Casino Titan, Slots Jungle Casino, Jackpot Grand Casino, Golden Cherry Casino, Slots of Fortune, Begado Casino, Grand Macau Casino, Grand Macau Live Dealer Casino, and WinPalacePlay.
Shalon was generally considered the mastermind of the group, with Orenstein and Aaron in supporting leadership roles. The indictment against Tyurin depicts him as the primary computer hacker supporting the group’s criminal activities. Those hacking efforts weren’t limited to just the securities firms: Tyurin or other Affactive-associated hackers hijacked thousands upon thousands of inactive WordPress blogs and inserted scripts into them via known security vulnerabilities. That process overloaded Google’s search algorithms and directed lots of search traffic to Affactive and Netad sites and links, bringing in deposits from unwitting online gamblers and contributing to the massive wealth garnered by the group.
This was indeed big-time money. As the complaint against Tyurin stated, “Nearly all of these illegal businesses, like the securities market manipulation schemes, exploited the fruits of Tyurin’s computer hacking campaigns. Through these various criminal schemes, Tyurin, Shalon, and their co-conspirators obtained hundreds of millions of dollars in illicit proceeds.”
It was at least that, meaning hundreds of millions. Each of the other three men faced US justice in the months after the 2015 superseding indictment in that matter, with Aaron eluding capture for several months in late 2015 after fleeing to Russia. Yet the settlement the US eventually reached with Affactive ringleader Shalon indicated the wealth the criminal group had amassed; that settlement, in addition to the several months spent in prison, called for Shalon to pay a whopping $403 million penalty.
Hacking genius Tyurin now faces a similar judicial hammering for his crimes. He’s potentially facing, according to the USAG statement, “one count of conspiracy to commit computer hacking, which carries a maximum prison term of five years; one count of wire fraud, which carries a maximum prison term of 30 years; four counts of computer hacking, each of which carries a maximum prison term of five years; one count of conspiracy to commit securities fraud, which carries a maximum prison term of five years; one count of conspiracy to violate the Unlawful Internet Gambling Enforcement Act, which carries a maximum prison term of five years; one count of conspiracy to commit wire fraud and bank fraud, which carries a maximum prison term of 30 years; and aggravated identity theft, which carries a mandatory consecutive term of imprisonment of two years.”
Manhattan U.S. Attorney Geoffrey S. Berman said: “Andrei Tyurin, a Russian national, is alleged to have participated in a global hacking campaign that targeted major financial institutions, brokerage firms, news agencies, and other companies. Tyurin’s alleged hacking activities were so prolific, they lay claim to the largest theft of U.S. customer data from a single financial institution in history, accounting for a staggering 80 million-plus victims. As Americans increasingly turn to online banking, theft of online personal information can cause devastating effects on their financial well-being, sometimes taking years to recover. Today’s extradition marks a significant milestone for law enforcement in the fight against cyber intrusions targeting our critical financial institutions.”
Tyurin will be arraigned in a US District Court on September 25.