Friday, March 29, 2024

Russian Hacker Sentenced to 12 years in Prison for his Role in an International Hacking Campaign

The Acting United States Attorney for the Southern District of New York, Audrey Strauss, announced that Andrei Tyurin, a Russian hacker, was sentenced in Manhattan federal court to 144 months in prison for computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses in connection with his involvement in a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other American companies.

An insight into the incident

Andrei Tyurin was accused of being the mastermind of the organization that targeted U.S. financial institutions from 2012 to mid-2015.

He played a major role in orchestrating and facilitating an international hacking campaign that included one of the largest thefts of U.S. customer data from a single financial institution in history: the theft of the personal information of more than 80 million J.P. Morgan Chase customers.

“The conspiracy targeted major financial institutions, brokerage firms, news agencies, and other companies, and netted Tyurin over $19 million in criminal proceeds,” says Acting U.S. Attorney Audrey Strauss.

Tyurin was responsible for the theft of personal information of over 100 million customers of the victim companies such as J.P. Morgan Chase Bank, E*Trade, Scottrade, and the Wall Street Journal.

In one such instance of securities fraud, Tyurin collaborated with his partner Gery to artificially inflate the price of certain stocks publicly traded in the U.S. by marketing the stocks deceptively and misleadingly to customers of the targeted companies whose contact information was stolen during the intrusions.

The hacker also carried out cyberattacks against several U.S. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.

His hacking activity included the targeting of companies known to be used for email marketing campaigns, competitor online casinos, and a merchant risk intelligence firm based in the United States, in order for the co-conspirators to monitor the firm’s efforts to audit potentially criminal online credit card transactions on behalf of major credit card networks, and thus avoid detection of their criminal schemes.

He used computer infrastructure located across five continents, which he controlled from his home in Moscow, and maintained persistent access over an extended time to the victims’ networks, regularly refreshing the stolen data by frequently downloading information from these companies.

Once his hacking activities were detected, TYURIN worked with Shalon to destroy the evidence of their criminal activity and undermine U.S. law enforcement’s efforts to identify and arrest them.

“TYURIN, Shalon, and their co-conspirators obtained hundreds of millions of dollars in illicit proceeds, and TYURIN himself earned over $19 million in profits from his hacking activity,” reads the press release published by the DoJ.

The Justice Department said Tyurin has been ordered to forfeit over $19 million, with a court hearing on his restitution obligations scheduled for April 6.

Guru baran (https://gbhackers.com)
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
