Crime Articles 2021- 2024 2023 2022 2021 2020 Crime List - H 2021 2020 2019 2018 2017
Europol Busts Major Crime Ring, Arrests Over 100 Online Fraudsters
6.10.21 Crime Thehackernews
Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was involved in online fraud, money laundering, drug trafficking, and property crime, netting the gang about €10 million ($11.7 million) in illegal proceeds in just a year.
"The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such as SIM swapping and business email compromise before laundering the money through a wide network of money mules and shell companies," Europol said in a statement published today.
The group operated out of Tenerife, located in Spain's Canary Islands.
The development comes following a year-long sting operation that saw as many as 16 house searches in Santa Cruz de Tenerife, Turin, and Isernia, resulting in 106 arrests — mostly in Spain and Italy — and seizure of electronic devices, 224 credit cards, SIM cards, point-of-sale terminals, a marijuana plantation, and equipment used for its cultivation and distribution. 118 bank accounts have also been frozen as a result of the bust.
The criminal network is said to have been fashioned as a pyramid structure, with different members roped in for specialized roles, including computer experts, who created phishing domains and facilitated cyber fraud, as well as recruiters who were involved in money muling activities, and specialists adept in cryptocurrencies and money laundering.
The arrested members, a majority of whom are Italian nationals with links to mafia cartels such as Camorra Napolitana, Casamonica, Nuvoletta, and Sacra Corona Unita, lured their victims into transferring large amounts of money to bank accounts under their control. The illicitly acquired profits were then laundered through a wide network of money mules and shell companies.
The Italian National Police, in a separate statement, noted that the hackers had expertise in the latest generation phishing and vishing attacks and in the use of social engineering techniques, adding the "stolen sums were later recycled through the purchase of cryptocurrency or reinvested in further criminal activities, such as prostitution, drug production and trafficking, [and] arms trafficking."
The investigation was undertaken jointly by the Spanish National Police (Policía Nacional), and supported by the Italian National Police (Polizia di Stato), Europol, and Eurojust.
"This group of criminals had managed to settle and enter different levels of society: Business networks, law firms and banking entities, among others," the Spanish National Police said in a press release. "This level of settlement not only gave the organization impunity for money laundering, but also for the different criminal activities of these Mafia groups carried out in Spain."
Office 365 Cyberattack Lands Disgruntled IT Contractor in Jail
24.3.2021 Crime Threatpost
A former IT contractor is facing jailtime after a retaliatory hack into a company’s network and wiping the majority of its employees’ Microsoft Office 365 accounts.
A former IT contractor has been sentenced to two years in prison after hacking into a company’s server and deleting the majority of its employees’ Microsoft Office 365 (O365) accounts. The incident resulted in the company completely shutting down for two days.
The 32-year-old contractor, Deepanshu Kher, was initially employed by an unnamed IT consulting firm from 2017 through May 2018. In 2017, the consulting firm was hired by an unnamed company in Carlsbad, Calif. to assist with its migration to a O365 environment – and sent Kher to assist with the project.
However, according to the Department of Justice (DoJ) on Monday, the company was dissatisfied with Kher’s work. Kher was pulled from the project in 2018 and fired from the consulting firm a few months later.
On Aug. 8, 2018, Kher then hacked into the company’s server and deleted over 1,200 of its 1,500 O365 user accounts. According to the DoJ, the attack affected the bulk of the company’s employees and completely shut down the company.
“Employees’ accounts were deleted – they could not access their email, their contacts lists, their meeting calendars, their documents, corporate directories, video and audio conferences, and virtual Teams environment necessary for them to perform their jobs,” according to the DoJ. “Outside the company, customers, vendors and consumers were unable to reach company employees (and the employees were unable to reach them). No one could inform these buyers what was going on or when the company would be operational again.”
Even after those two days, issues persisted for the employees of the company. For instance, employees were not receiving meeting invites, their contact lists could not be completely rebuilt, and they could no longer access certain folders that they previously had access to.
Kher, an Indian national who had returned to India in 2018 before carrying out the hack, was arrested when he flew from India to the United States on Jan. 11. According to the DoJ, he was unaware of the outstanding warrant for his arrest.
In addition to two years in jail, a U.S. district court judge sentenced Kher to three years’ supervised release and ordered restitution to the company of $567,084 (the amount the company paid to fix the problems caused by the hack).
Of note, the maximum penalty for the crime for which Kher was convicted (“intentional damage to a protected computer”) is 10 years in prison.
The incident is a stark reminder of the devastating impact that “insider threats” – whether it’s by a disgruntled employee, third-party contractor or otherwise — can have on the security and privacy of company data.
In December, a man was sentenced to two years in jail after being convicted of hacking Cisco’s Webex collaboration platform in an insider-threat case brought to the U.S. District Court in California.
And in another similar incident, the massive Capital One breach in 2019 – which hit more than 100 million people in the U.S. and 6 million in Canada – stemmed from a former engineer at Amazon Web Services (AWS) who worked with the company, who allegedly boasted about the data theft on GitHub.
In order to combat such insider-threat risks, Rick Holland, CISO and vice president of strategy at Digital Shadows, said that organizations should conduct an insider-threat risk assessment on their critical business functions that could be leveraged by an insider to conduct fraud.
“The most important complication in addressing the insider threat in today’s remote workforce world is that the security controls designed to monitor and capture activity may not be as capable as they were in the traditional on-premises world,” said Holland.
Ripoff Report Hacker Gets 12 Months in Prison
19.3.2021 Crime Securityweek
The United States Department of Justice on Wednesday announced that a Cypriot national who admitted to hacking the websites of various U.S.-based companies was sentenced to 12 months and one day in prison, on top of the four years already served in custody.
The man, Joshua Polloso Epifaniou, now 22, of Nicosia, Cyprus, was arrested in his country in May 2017 and was extradited to the United States in July 2020.
In January 2021, Epifaniou admitted in court to perpetrating a scheme in which he hacked the websites of multiple companies, exfiltrated data of interest, and then contacted the victim organizations to demand a ransom payment, threatening to make the data public.
The hacker perpetrated the intrusions between October 2014 and May 2017. Some of the victims include an Atlanta sports news website of Turner Broadcasting System Inc., a California-based free online game publisher, a New York hardware company, the Ripoff Report consumer report website, and a Virginia-based online employment website.
Working with co-conspirator Pierre Zarokian, Epifaniou not only extorted Ripoff Report, but also hacked into the website to remove complaints for paying customers, charging between $1,000 and $5,000 per removed complaint, claiming that the removals were court-ordered. Zarokian was sentenced in 2020.
Epifaniou also agreed to forfeit $389,113 and 70,000 euros to the government, and to pay roughly $600,000 in restitution to the victims.
He is the first Cypriot to have ever been extradited from Cyprus to the U.S.
European Police Pounce After Cracking Crime Chat Network
11.3.2021 Crime Securityweek
Police said Wednesday they had arrested at least 80 people and carried out hundreds of raids in two European countries after shutting down an encrypted phone network used by organised crime groups.
Belgian, Dutch and French police said they hacked into the SKY ECC network, allowing them to look "over the shoulders" of suspects as they communicated with customised devices to plot drug deals and murders.
"During an action day on Tuesday, large numbers as well as numerous house searches and seizures were made in Belgium and the Netherlands," Europol and its judicial twin agency Eurojust, said in a statement.
In France, law officials have identified some 2,000 users of SKY ECC "allowing for procedures to be opened relating to large-scale drug operations and attacks on people," the Paris prosecutor said.
"The network we are dealing with seems to be almost exclusively used by large-scale criminals."
Police launched a top-secret operation to crack the SKY ECC network -- which operates over a special phone -- and "as of mid-February, authorities have been able to monitor the information flow of approximately 70,000 users," the Hague-based law agencies said.
Users paid high subscription prices for the encrypted devices, "up to 2000 euros ($2,300) per line and for six months," the French prosecutor said.
SKY ECC in a statement denied it had been hacked.
It said however that phony devices sold through unauthorised channels had been compromised by a phishing application.
"SKY ECC has not been contacted by any investigative authority," it added, saying the company "has a strict zero-tolerance policy that prohibits any criminal activity on its platforms."
- 'Over criminals' shoulders' -
In Belgium, police raided some 200 homes and arrested at least 48 people. Police confiscated at least 185 devices with SKY ECC encryption.
Called "Operation Argus" in the Netherlands, police arrested 30 people and searched 75 homes. Police also recovered 28 guns in Rotterdam.
"We managed to crack the crypto communication of crime groups who smuggled large quantities of cocaine and carried out liquidations," Amsterdam detective chief Jonne Janssen said.
"I'm not talking about being able to read a small amount. I'm talking about hundreds of millions of messages that our now in our hands," she said in a video statement.
The breakthrough comes after police last year hacked into the EncroChat network, which operated in a similar fashion.
"Many criminals decided to move over to SKY ECC after that," Europol spokesman Jan Op Gen Oorth told AFP.
"But police cracked that too and it was like being able to look over the criminals' shoulders as they were sending messages in real time," he said.
"The latest breakthrough and arrests so far is just the tip of the iceberg. Many more are going to follow," Oorth added.
Computer Malware Fraudster Gets 2 Years in Prison
14.2.2021 Crime Securityweek
A man who played a key role in a computer malware scam has been sentenced to two years in prison, federal prosecutors say.
Manish Kumar, 32, directed telephone calls to call centers in India as part of a scheme to mislead individuals into believing that their computers were infected by malware. The callers were then persuaded to buy technical support services that were never provided, according to a statement Friday from the U.S. attorney’s office in Rhode Island.
The victims were then targeted by the scammers again, authorities said. They were told they had been sent excessive refunds, and asked to return the overage. But because no refunds had actually been sent to the victims, they were just parting with more of their own money, prosecutors said.
Kumar, a native of India, admitted to providing money routing services for the scheme and making fraudulent charges on 37 credit cards that were not his, prosecutors said.
Kumar, who was arrested in the U.S. in 2019, pleaded guilty in November to conspiracy to commit wire fraud, wire fraud, and aggravated identity theft. He was also sentenced three years of probation and ordered to pay $5,000 in restitution.
'Money Mule' Operator Gets Seven-Year Prison Sentence
13.2.2021 Crime Securityweek
This week the United States sentenced a Ukrainian man to prison for his involvement in a scheme to steal money from the bank accounts of U.S. victims and launder the funds to bank accounts overseas.
The man, Aleksandr Musienko, 38, of Odessa, Ukraine, was extradited to the United States in 2019, after being arrested in South Korea. He was also known as “Oleksandr Serhiyovych Musiyenko,” “Robert Davis,” and “Ply.”
According to Musienko’s plea agreement and other documents presented in court, the defendant operated the illicit scheme between 2009 and 2012.
During this time, in partnership with Eastern European hackers, he was involved in the theft of more than $3 million from U.S. bank accounts, and proceeded to launder the funds to accounts overseas.
Musienko’s associates, the Department of Justice reveals, stole information from U.S. victims, and then leveraged the data to impersonate the victims and trick banks into approving withdrawals from the victims’ accounts.
The DoJ reveals that Musienko was involved in the recruitment of money mules, while also supervising and directing them. The individuals were recruited as financial assistants, through employment websites.
The mules, who were tricked into believing they were working for a legitimate business, were told they were assisting clients with the transfer of funds overseas.
In one incident, a total of $296,278 was transferred to two bank accounts controlled by mules, who Musienko instructed to wire the funds to European bank accounts. The fraud was detected and $197,526.36 in stolen funds was deducted from one of the mules before being wired.
The FBI searched Musienko’s laptop in 2019 and discovered roughly 120,000 payment card numbers on it, along with associated identifying information for individuals other than the defendant.
Police in Europe Bust Gang Hijacking Celeb Phones, Arrest 10
11.2.2021 Crime Securityweek
Police have arrested 10 people in the U.K., Belgium and Malta for allegedly hijacking mobile phones belonging to U.S. celebrities including internet influencers, sports stars and musicians to steal personal information and millions in cryptocurrency, authorities said.
The European Union police agency Europol said Wednesday that the gang is believed to have stolen more than $100 million in cryptocurrencies by using so-called SIM swap attacks.
These attacks involve deactivating a victim’s mobile phone SIM card, either by tricking the phone company or using a corrupt insider, so that the number can be transferred to another card under the gang’s control.
The arrests were the result of a joint investigation by U.K., U.S., Canadian, Belgian and Maltese police, Europol said.
Europol didn’t specify the nationalities of those caught in the sweep, but the U.K.’s National Crime Agency said a day earlier that eight men were arrested in England and Scotland. Two others were arrested previously in Belgium and Malta, Europol said.
Neither agency identified the celebrity victims.
Investigators found that after accessing victims’ phone numbers, they were able to take control of apps or accounts by requesting password reset codes sent via SMS. Then they were able to steal money, cryptocurrencies and personal information, including contacts synced online, as well as hack into and post from social media accounts, Europol said.
Europol has warned that SIM swapping is a growing threat carried out by fraudsters.
10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities
11.2.2021 Crime Thehackernews
Ten people belonging to a criminal network have been arrested in connection with a series of SIM-swapping attacks that resulted in the theft of more than $100 million by hijacking the mobile phone accounts of high-profile individuals in the U.S.
The Europol-coordinated year-long investigation was jointly conducted by law enforcement authorities from the U.K., U.S., Belgium, Malta, and Canada.
"The attacks orchestrated by this criminal gang targeted thousands of victims throughout 2020, including famous internet influencers, sport stars, musicians and their families," Europol said in a statement. "The criminals are believed to have stolen from them over $100 million in cryptocurrencies after illegally gaining access to their phones."
The eight suspects, aged 18 to 26, are said to be part of a larger ring, two members of which were nabbed previously in Malta and Belgium. The latest arrests were made in England and Scotland.
The sweep comes almost a year after Europol led an operation to dismantle two SIM swap criminal groups that stole €3.5 million ($3.9 million) by orchestrating a wave of more than 100 attacks targeting victims in Austria, emptying their bank accounts through their phone numbers.
Typically achieved with the help of a corrupt insider or using social engineering lures, SIM swapping refers to the technique adopted by cybercriminals to persuade phone carriers into porting their victims' cell services to a SIM card under their control.
The SIM swap then grants attackers access to incoming phone calls, text messages, and one-time verification codes (or one-time passwords) that various websites send via SMS messages as part of the two-factor authentication (2FA) process.
Once in control of the target's mobile phone, the authorities noted that the criminals accessed personal information, including contacts synced with online accounts, and stole money, with cryptocurrency losses exceeding $100 million in 2020.
"They also hijacked social media accounts to post content and send messages masquerading as the victim," the U.S. Secret Service said.
The arrested suspects face charges for offences under the Computer Misuse Act, as well as fraud and money laundering. They are also expected to be extradited to the U.S. for prosecution.
To avoid SIM swapping attacks, it's recommended that users keep their device's software up to date, limit data-sharing online, and enable 2FA via apps instead of having an authentication code sent over SMS.
"When possible, do not associate your phone number with sensitive online accounts," Europol cautioned.
Utah Ponders Making Online ‘Catfishing’ a Crime
29.1.2021 Crime Threatpost
Pretending to be someone else online could become a criminal offense, setting a precedent for other states to follow.
Legislature introduced in Utah means it could soon be illegal there to pretend to be someone else when engaging in certain types of deceptive activities on the internet, a practice known as “catfishing.”
The Online Impersonation Prohibition up for debate this week in the Utah House of Representatives, “makes it a criminal offense, under certain circumstances, to impersonate an individual online with the intent to harm, defraud, intimidate, or threaten any individual,” according to the current draft of the legislation.
The legislation, officially known as House Bill (HB) 239 and sponsored by Utah Rep. Karianne Lisonbee, is part of a larger submission, HB 80, which seeks to amend privacy laws to create an “affirmative defense” for companies in lawsuits over data breaches, according to a report posted online by Fox 13 in Salt Lake City.
Actions that would become a third-degree felony under the scope of the HB 239 include sending an e-mail, text or instant message to someone under the identity of someone else without their consent or in a way that makes the recipient believe the person with whom they are communicating authorized or sent the communication.
Moreover, if such a law is passed in Utah, it could be something other states in the future also may adopt as a way to curtail the use of catfishing by cybercriminals.
The practice of catfishing often occurs in online dating or social-networking scenarios in which someone takes someone else’s personally identifiable information–such as photos, addresses, educational history or professions–to pretend to be that person to seem more attractive or interesting to people they meet online. It also serves to hide someone’s own identity in some way.
Threat actors have adopted catfishing over the years to ensnare and defraud victims in various cybercriminal activities. Last year, the Palestinian group Hamas used the tactic for the third time by posing as teen girls looking for quality chat time on Facebook, Instagram and Telegram to tempt Israeli soldiers into installing spyware on their phones.
In 2018, a catfishing scam bilked 42 service members from the Army, Navy, Air Force and Marine Corps out of more than $560,000 when prison inmates in South Carolina posed as attractive women online and lured the men into online romances.
The year before that, an APT with ties to the Iranian government also used a similar lure by creating an online identity called Mia Ash, who appeared to be a 20-something London-based photographer and amateur model with an interest in tech-savvy guys with ties to the oil and gas industry. The threat group used the persona to target telecommunications, government, defense, oil and financial services firms located in the Middle East and North Africa.
These are the type of scams that HB 239 aims to identify and make criminal, according to Lisonbee, who told FOX 13 that the bill targets those who actively take on someone else’s identity to defraud or harass someone rather than prosecute people merely for creating anonymous online accounts.
“It can have really serious and harmful consequences in people’s lives,” Lisonbee told FOX 13. “A lot of times people tend to hide behind the guise of social media and online anonymity and don’t really put the consequences of their actions together.”
Russian hacker Andrei Tyurin sentenced to 12 years in prison
12.1.2021 Crime Securityaffairs
A U.S. court on Thursday sentenced the Russian hacker Andrei Tyurin to 12 years in prison for his role in an international hacking campaign.
A U.S. court sentenced this week Andrei Tyurin (37) to 12 years in prison for carrying out an international hacking campaign that targeted several financial institutions, brokerage firms, financial news publishers, and other American companies.
In September 2018, the Russian citizen was extradited to the United States from Georgia, the man was charged over the massive theft of customer data from JPMorgan Chase and Dow Jones. Some of the other organizations targeted by the gang are E*Trade, Scottrade, and the Wall Street Journal.
The man was arrested in Georgia at the request of US authorities, he was charged with multiple conspiracy counts, including wire fraud, aggravated identity theft and four counts of computer hacking.
Andrei Tyurin is accused of being the mastermind of the organization that targeted the US financial institution from 2012 to mid-2015. His alleged hacking activities “lay claim to the largest theft of US customer data from a single financial institution in history, accounting for a staggering 80 million-plus victims,”
“Audrey Strauss, the Acting United States Attorney for the Southern District of New York, announced today that ANDREI TYURIN, a/k/a “Andrei Tiurin,” was sentenced in Manhattan federal court to 144 months in prison for computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses in connection with his involvement in a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other American companies.” reads the press release published by the DoJ. “TYURIN is charged with committing these crimes with Gery Shalon, a/k/a “Garri Shalelashvili,” a/k/a “Gabriel,” a/k/a “Gabi,” a/k/a “Phillipe Mousset,” a/k/a “Christopher Engeham,” Joshua Samuel Aaron, a/k/a “Mike Shields,” and Ziv Orenstein, a/k/a “Aviv Stein,” a/k/a “John Avery,” in furtherance of securities market manipulation, illegal online gambling, and payment processing fraud schemes perpetrated by Shalon, Aaron, Orenstein, and their co-conspirators.”
The illegal activity is believed to have made over $19 million in criminal proceeds.
“From his home in Moscow, Andrei Tyurin played a major role in orchestrating and facilitating an international hacking campaign that included one of the largest thefts of U.S. customer data from a single financial institution in history, stealing the personal information of more than 80 million J.P. Morgan Chase customers.” said Acting U.S. Attorney Audrey Strauss. “The conspiracy targeted major financial institutions, brokerage firms, news agencies, and other companies, and netted Tyurin over $19 million in criminal proceeds. Now Tyurin has been sentenced to 12 years in prison for his crimes.”
TYURIN along with his partner Gery Shalon and his co-conspirators artificially inflated the price of certain stocks publicly traded in the U.S., then they marketed the stocks in a deceptive and misleading manner to customers of the targeted companies whose information were previously stolen by TYURIN.
From 2007 to 2015 TYURIN also conducted cyberattacks against multiple foreign companies.
“In addition to the U.S. financial sector hacks, from approximately 2007 to mid-2015 TYURIN also conducted cyberattacks against numerous U.S. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors. Nearly all of these illegal businesses, like the securities market manipulation schemes, exploited the fruits of TYURIN’s computer hacking campaigns.” concludes the press release. “TYURIN’s hacking activity included the targeting of companies known to be used for email marketing campaigns, competitor online casinos, and a merchant risk intelligence firm based in the United States, in order for the co-conspirators to monitor the firm’s efforts to audit potentially criminal online credit card transactions on behalf of major credit card networks, and thus avoid detection of their own criminal schemes.”
Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack
11.1.2021 Crime Thehackernews
A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American companies.
Andrei Tyurin was charged with computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses, and for his role in one of the largest thefts of U.S. customer data from a single financial institution in history, which involved the personal information of more than 80 million J.P. Morgan Chase customers.
Besides the investment bank, some of the other major targets of the hacks were E*Trade, Scottrade, and the Wall Street Journal.
Tyurin, who carried out the extensive hacking from his home in Moscow between 2012 to mid-2015, is believed to have netted over $19 million in criminal proceeds as part of his intrusion schemes.
In one such instance of security fraud, Tyurin collaborated with his partner Gery Shalon to artificially inflate the price of certain stocks publicly traded in the U.S. by marketing said stocks in a deceptive and misleading manner to customers of the victim companies whose contact information were stolen during the intrusions.
Photo Credit: REUTERS/Amir Cohen
To carry out the attacks, Tyurin is alleged to have used computer infrastructure located across five continents that were remotely controlled and is said to have maintained persistent access over long periods of time to the victims' networks to download and refresh the stolen data from the companies periodically.
"And once his hacking activities were detected, TYURIN worked with Shalon to destroy the evidence of their criminal activity and undermine U.S. law enforcement's efforts to identify and arrest them," the U.S. Southern District of New York said in a statement.
The development comes after Tyurin pleaded guilty in September 2019 to carry out the wire and bank fraud, computer intrusions, and illegal online gambling. Tyurin has been in U.S. custody since he was extradited from the country of Georgia in September 2018.
Russian Hacker Gets 12 Years in Massive Data Theft Scheme
8.1.2021 Crime Securityweek
A prolific Russian hacker who stole data from over a dozen U.S. companies and information about over 100 million U.S. consumers was sentenced Thursday to 12 years in prison after admitting involvement in one of the biggest thefts of consumer data from a U.S. financial institution.
Andrei Tyurin, 37, was sentenced in Manhattan federal court after pleading guilty in September 2019 to computer intrusion, wire fraud, bank fraud and illegal online gambling offenses.
Prosecutors say Tyurin helped steal the personal data of more than 80 million customers from JP Morgan Chase alone.
They said Tyurin targeted financial institutions, brokerage firms and financial news publishers including the Wall Street Journal in the United States from 2012 to mid-2015, getting the personal information of more than 100 million customers of the companies.
Tyurin operated from his Moscow home, collecting over $19 million as he utilized a computer infrastructure across five continents, authorities said.
In a release, Acting U.S. Attorney Audrey Strauss said Tyurin “played a major role in orchestrating and facilitating an international hacking campaign that included one of the largest thefts of U.S. customer data from a single financial institution in history.”
In court papers, Tyurin’s lawyer, Florian Miedel, wrote that Tyurin only pocketed about $5 million because the rest was only promised by a co-conspirator who relied on Tyurin to get names and contact information so he could recruit customers for his illegal online gambling business.
Miedel requested leniency for his client, saying Tyurin never stole money through his hacking.
In a letter to the judge, Tyurin said he was “terribly ashamed” of the personal information he was stealing online and believed he had “chosen a wrong path in life.”
He also wrote that he has changed since a daughter he can no longer see was born four years ago.
In court papers, prosecutors wrote that as investigators closed in on Tyurin and the co-conspirator with the online gambling business, Tyurin and his accomplice “were fundamentally driven by pragmatic considerations regarding the risk of their detection and ultimately their apprehension, rather than concerns regarding relative moral culpability of their use of the stolen data.”
They urged a stiff sentence, citing the difficulty of apprehending someone who operates a half a world away.
“As a result of the significant resources required to mount a successful hacking prosecution, convictions are relatively rare. Consequently, the importance of affording general deterrence through meaningful sentences is particularly acute in criminal hacking cases,” according to a sentencing submission signed by Assistant U.S. Attorney Eun Young Choi.
Tyurin has been in U.S. custody since he was extradited from the country of Georgia in September 2018. He will be deported once he serves his sentence.
U.S. District Judge Laura Taylor Swain ordered him to forfeit his profits. Restitution was to be determined at a later date.