A Russian hacker pleaded guilty on Monday to perpetrating the largest-known computer hack on a US financial institution in corporate history.
Tyurin breached JPMorgan Chase back in 2014, producing hundreds of millions of dollars in illicit revenue and ultimately stole sensitive data of more than 80 million JPMorgan clients.
Andrei Tyurin, 35, pleaded guilty in United States District Court in Manhattan to computer intrusion, wire fraud, and illicit online gambling offences associated with the broad hacking campaign that targeted major US banks, financial news publishers, brokerage firms, and other corporations as part of a securities-fraud conspiracy conducted by co-conspirators. Some of the notable victims included Dow Jones & Co, Fidelity Investments, and E-Trade Financial.
Every charge carries between at least five to thirty years of jail time. Tyurin could face a term of up to life in jail when he is sentenced on Feb. 13. Federal prosecutors will recommend that Tyurin serve 15 to 20 years in jail.
Prosecutors said that Tyurin, at the direction of co-conspirator Gery Shalon, hacked into businesses and deployed the stolen data for their own financial benefit. The conspiracy produced tens of millions of dollars in illicit proceeds.
The information was not merely stolen but also utilized to ply customers with spam emails promoting stocks the hackers had earlier invested in, in the expectation that other customers would increase the value of their shares and permit them to cash out.
At the time of Israeli businessman Shalon’s arrest, he had $100 million in Swiss bank accounts, and court records indicate that he agreed to repatriate hundreds of millions more kept in bank accounts in Switzerland, Luxembourg, Georgia, Latvia, and Cyprus.
Tyurin also conducted attacks on several US and foreign businesses to further additional criminal enterprises ran by Shalon and other co-conspirators. Such enterprises included illicit Internet gambling businesses, illegal cryptocurrency exchanges, and international payment processors. Some of the funds were laundered through a Bitcoin exchange.
Tyurin has agreed to forfeit more than $19 million, an enormous amount that was reached on the basis of on the amount he was to be paid.
The sophistication and extent of the hacks led US investigators to initially suspect that the cyberattack was state-sponsored, being potentially related to Russian intelligence. Nevertheless, authorities ultimately discovered that the cyberattacks were performed by financially motivated adversaries.