Hacker targeting JPMorgan and E*Trade to pay $19.95M in restitution to victims

Russian hacker Andrei Tyurin, who targeted companies such as JPMorgan and E*Trade, will have to pay restitution of $19,952,861 to victims. This becomes clear from an order signed by Judge Laura Taylor Swain of the New York Southern District Court on April 5, 2021.

The order, seen by FX News Group, states that Andrei Tyurin, the defendant, shall pay restitution in the total amount of $19,952,861, pursuant to 18 U.S.C. §§ 3663, 3663A, and 3664 to the victims of the offenses charged in Counts One, Two, Eight and Nine of the Indictment in 15 Cr. 333, and Counts One and Five of the Indictment in 19 Cr. 658.

Restitution is joint and several with defendants Gery Shalon and Joshua Samuel Aaron.

On January 7, 2021, Andrei Tyurin was sentenced in Manhattan federal court to 144 months in prison for computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses in connection with his involvement in a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other American companies.

From approximately 2012 to mid-2015, Tyurin engaged in an extensive computer hacking campaign targeting financial institutions, brokerage firms, and financial news publishers in the U.S. and was responsible for the theft of personal information of over 100 million customers of the victim companies. His hack of J.P. Morgan Chase Bank alone resulted in the theft of personal information of over 80 million customers.

In addition to the U.S. financial sector hacks, from approximately 2007 to mid-2015 Tyurin also conducted cyberattacks against numerous U.S. and foreign companies in furtherance of various criminal enterprises, including unlawful internet gambling businesses and international payment processors.

Tyurin’s hacking activity included the targeting of companies known to be used for email marketing campaigns, competitor online casinos, and a merchant risk intelligence firm based in the United States, in order for the co-conspirators to monitor the firm’s efforts to audit potentially criminal online credit card transactions on behalf of major credit card networks, and thus avoid detection of their own criminal schemes.

The hacker used computer infrastructure located across five continents, which he controlled from his home in Moscow, and maintained persistent access over extended periods of time to the victims’ networks, regularly refreshing the stolen data by repeatedly downloading information from these companies.