[BreachExchange] JPMorgan Hacker Will Plead Guilty Over Role in Vast Cyber-Attack

Destry Winant destry at riskbasedsecurity.com
Wed Sep 18 10:12:34 EDT 2019


A Russian hacker at the center of an alleged scheme to steal financial
data on more than 80 million JP Morgan Chase & Co. clients will plead
guilty later this month, according to a U.S. court filing.

Andrei Tyurin, who was extradited last year from the Republic of
Georgia, is accused of performing key tasks that netted hundreds of
millions of dollars in illicit proceeds from the hack of JPMorgan and
other companies. Tyurin has struck a plea agreement with federal
prosecutors in New York to resolve the charges and is set to appear
for a plea hearing next week.

Since he was first brought before a New York judge, hearings in
Tyurin’s case have been repeatedly canceled, and previous court
filings have said prosecutors and defense lawyers were engaged in plea
negotiations. In a filing late Friday, prosecutors from the Manhattan
U.S. attorney’s office sought to consolidate Tyurin’s case in New York
with one filed in Atlanta, in which he and others were accused of
hacking online brokerage E*Trade.

At the time of the hacks, the breach was so vast that U.S. authorities
suspected it was the work of a state-sponsored cyberattack, with
potential ties to Russia’s intelligence agencies. But they ultimately
concluded it was the work of a broad criminal enterprise, with the
purloined funds fueling other schemes including stock manipulation,
online gambling and money laundering.

Tyurin’s lawyer, Florian Miedel, did not immediately return a
telephone call seeking comment. A spokeswoman for the U.S. Attorney’s
office declined comment.

Tyurin and other co-defendants were charged in 2015. Tyurin remained
at large for years even as his confederates were apprehended, until
his capture in Georgia.

The ringleader of the operation, Gery Shalon, was arrested in Tel Aviv
in 2015 and extradited to the U.S. His prosecution hasn’t been
resolved, and people familiar with the case have said he has been
cooperating with U.S. authorities. He and other co-defendants agreed
to a series of deals with authorities to repatriate stolen funds
stashed in bank accounts in Switzerland, Georgia, Cyprus, Luxembourg
and Latvia.

What information Shalon and Tyurin have that could be of value to U.S.
authorities remains unclear, but the men were at the center of a
network that could potentially illuminate links between Russia’s cyber
criminals, spy agencies and international money laundering networks.

More information about the BreachExchange mailing list