An irreverent Wall Street Blog
by Bill Singer

UPDATE: Online Trojan War Ends With Prison For Eastern European Bank Account Thieves

March 26, 2012


Almighty Zeus launches new Trojan War against our bank accounts

This is an update of a "Street Sweeper" column that originally ran on September 26, 2011.

This is a saga worthy of the title the "Trojan War." For now, at least, Troy is in flames, the Greeks have won - or, in more modern parlance, the Feds got their last guilty plea.

Zeus Trojan

Russians Indicted In Ongoing Malware War Against U.S. Credit Card HoldersBill SingerBill SingerContributor
Belarussian Identity Thief Sentenced in Financial Institution Fraud RingBill SingerBill SingerContributor
Online Trojan War Ends With Criminal Pleas in Bank Account TheftsBill SingerBill SingerContributor
97 Months In Prison For Stealing Wall Street Trading Code But Only 18 Months For Selling Computers to Terrorist State of IranBill SingerBill SingerContributor

According to federal prosecutors, court documents, and guilty pleas, cyber attacks were launched from Eastern Europe using the "Zeus Trojan" malware program, which was launched through the use of emails generally transmitted to small businesses and municipalities in the United States. When opened by the recipient, the Zeus Trojan embedded itself into the user's computer and activated a keystroke-program that recorded account numbers, passwords, and codes when the user logged on to their bank accounts.

The next phase of this war was the criminal use of the stolen bank account information to effect illegal transfers, usually thousands of dollars at a clip, to so-called "receiving accounts," which were controlled by the co-conspirators in this operation. The receiving accounts were previously set up by what is referred to as a "money mule organization," whose purpose was to retrieve the funds in the compromised bank accounts and transfer them overseas.

By no means a small undertaking, the money mule organization recruited many individuals who had entered the United States on student visas. The criminal organization provided these recruits with fake foreign passports and instructions as to how to open false-name accounts at U.S. banks. These fictitious accounts were used to receive the stolen funds obtained through the use of the Zeus Trojan;and, thereafter, these same accounts issued instructions to transfer the stolen funds overseas - or, in some instances, the recruits would physically withdraw the funds and transport them overseas as cash.

Long Arm of the Law

Criminal charges were filed in September 2010 against 37 defendants. To date, two defendants entered into deferred prosecution agreements, eight remain fugitives, and 27 have pled guilty.

On September 23, 2011, Nikolay Garifulin, 22, of Volgograd, Russia, pleaded guilty in Manhattan federal court to conspiracy to commit bank fraud and possess false identification. Scheduled to be sentenced in January 2012, Garifulin faces a total maximum penalty of 45 years in prison on the conspiracy to commit bank fraud and conspiracy to possess false identification documents charges.

Final Box Score

Two leaders of the mule organization have pled guilty (in addition to Garifulin) and sentenced (date in parentheses):

  • KASUM ADIGYUZELOV (May 13, 2011): 48 months in prison.
  • DORIN CODREANU (July 8, 2011): 20 months in prison.

Eighteen money mules pled guilty and sentenced:

LILIAN ADAM (April 28, 2011): time served after five months and 24 days in prison.

KONSTANTIN AKOBIROV (March 3, 2011): 8 months in prison.

JAMAL BEYROUTI (August 4, 2011): 36 months in prison.

Eighteen money mules pled guilty and sentenced:

  • LILIAN ADAM (April 28, 2011): time served after five months and 24 days in prison.
  • KONSTANTIN AKOBIROV (March 3, 2011): 8 months in prison.
  • JAMAL BEYROUTI (August 4, 2011): 36 months in prison.
  • NATALIA DEMINA (December 23, 2010): time served after four months and 12 days in prison.
  • ALEXANDER FEDOROV (January 5, 2011): 10 months in prison.
  • ADEL GATAULLIN (February 16, 2011): 15 months in prison.
  • ILYA KARASEV (June 24, 2011): 10 months in prison.
  • ALEXANDER KIREEV (February 14, 2011): 12 months and one day in prison.
  • YULIA KLEPIKOVA (March 17, 2011): 7 months in prison.
  • MAXIM MIROSHNICHENKO (February 28, 2011): time served after four months and 29 days in prison.
  • MARINA MISYURA (May 25, 2011): time served after seven months and 25 days in prison.
  • VICTORIA OPINCA (January 25, 2011): time served after three months and 26 days in prison.
  • MARGARITA PAKHMOVA (April 5, 2011): time served after six months and nine days in prison.
  • STANISLAV RASTORGUEV (July 11, 2011): 12 months and one day in prison.
  • DMITRY SAPRUNOV (April 6, 2011): time served after six months and two days in prison.
  • JULIA SIDORENKO (December 9, 2010): time served after two months and nine days in prison.
  • ALINA TURUTA (February 25, 2011): time served after four months and 26 days in prison.
  • ANTON YUFERITSYN (June 28, 2010): 11 months in prison.

Six other defendants have pled guilty and are awaiting sentencing:

  • RUSLAN KOVTANYUK (January 7, 2011)
  • SABINA RAFIKOVA (January 3, 2011)
  • ALMIRA RAKHMATULINA (September 25, 2011)
  • ALEXANDER SOROKIN (May 19, 2010)
  • JULIA SHPIRKO (August 19, 2011)
  • KRISTINA SVECHINSKAYA (November 19, 2010)

UPDATE

On March 23, 2012, Garifulin was sentenced to two years in prison; three years of supervised release; ordered to forfeit $100,000; and ordered to pay $192,123.122 in restitution.

Bill Singer's Comment


U.S. Attorney for the Southern District of New York Preet Bharara thanked  Bank of America, TD Bank, JPMorgan Chase Bank, Wachovia, and HSBC Bank for their assistance in the investigation.  Wow - that's a lot of major banks being thanked in connection with these online crimes.  While the nod from Bharara is certainly noteworthy, it's still quite scary to consider the extent and reach of this scam.

NATALIA DEMINA (December 23, 2010): time served after four months and 12 days in prison.

ALEXANDER FEDOROV (January 5, 2011): 10 months in prison.

ADEL GATAULLIN (February 16, 2011): 15 months in prison.

Permalink

Search BrokeAndBroker

Related Topics

Previous Entries

Tag Cloud

Bill Singer BrokeAndBroker FINRA Arbitration AWC SEC Expungement BrokeAndBroker.com BrokerAndBroker Guest Blog Employment Guest Blogger Wells Fargo Street Sweeper Bill SInger Aegis Frumento Jobs OBA U5 Fraud Promissory Note U4 Email Merrill Lynch Morgan Stanley UBS Defamation EFL CRD BrokeAndBroker Wire Fraud Elderly InSecurities Statutory Disqualification OHO Whistleblower NAC Suitability PST FBI Forbes DOJ Ponzi Rule 3270 ALJ Supervision Citigroup BrokerCheck Borrowing Form U4 IRS SDNY Expenses OIP Pro Se Willful Supreme Court Outside Business Activity Rule 8210 Felony Bank Securities Industry Commentator Ameriprise Rule 2010 Dodd Frank WSP Rule 2080 Discretion Wrongful Termination Form U5 Discovery IRA Wachovia RIA Business Expenses Raymond James JP Morgan Insider Trading Punitive Damages Bar Mail Fraud Conversion Wife NASD Bankruptcy CCO TRO Rule 1122 Husband Edward Jones Margin Forgery Stephen Kohn Willfulness Rule 3240 Checks arbitration Settlement Estate Tax Schwab LPL 2Cir Commissions Trump Credit Card Employment Tuesday Wall Street Outside Business Activities NYSE Small Firm Promissory Notes Beneficiary Madoff Frumento FAA Insurance Rule 3040 CFTC Options Corrective Action Statement Private Securities Transaction Annuities Injunction Bank of America Tax Liens Antitrust Impersonation Facebook Rule 3280 Real Estate Goldman Sachs Rule 12206 Power of Attorney Customer Indictment Crypto Due Diligence Exam TD Ameritrade OWB Trust ETF Remand Tax Lien Stay SRO ATM Retaliation Street Legal Misdemeanor Offer of Settlement Test Spouse Mortgage Signature Barclays OTR Discrimination Trustee Explained Decision Securities Fraud Complaint Annuity Away Account Eligibility Rule COVID Solicitation ACQ Case In Point Wire Schapiro Rule 2510 Loan Motion to Dismiss POA NASDAQ Sanctions email VA Jurisdiction Initial Decision ARS Reg SP DCCir Unauthorized Discretion Rule 4511 Blockchain Lien Spouses Appeal Conspiracy Rule 4530 CRS Mandatory Arbitration E*Trade Employee Forgivable Loan NSF Class Action Motion to Vacate T&P 9Cir HFT JPMorgan Burris Liens Money Laundering Rule 12200 Fidelity PCAOB NASAA Reimbursement Unsuitability Retirement Deutsche Bank Compliance Great Recession AML Unfair Competition Failure to Supervise Signatures RBC Cease And Desist Personal Expenses Bonus Flash Crash Willfully Rule 3010 Continuing Education FINRA Board REIT expungement Divorce Manifest Disregard Sexism Fiduciary Dissent LOA Sexist Disgorgement Broker Protocol Chase Scottrade Severance Huffington Post Credit Cards 10Cir Customer Complaint Hacking MSSB Due Process Vacatur Undisclosed Settlement Cryptocurrency Hacker Rule 3050 Internet Lehman Brothers Identity Theft Unauthorized Trading MC-400 Malware Spoofing Board Bharara Social Media Gallagher SDFL RRBDLAW.com BD Bitcoin Disclosure Will brokeandbroker Deceased Registered Rep Magazine IAR Indemnification Rule 3110 Variable Annuity Fees Audit Coronavirus Examination Private Placement employment Wey Stockbrokers Away Accounts Self Regulation Kokesh Rule 12904 Apple Lucia Rule 9552 Forex Wedbush Statute of Limitations Loans Solicited Letter of Authorization Trading Platform LIBOR Website Elder Abuse Widow Stifel 4Cir Annual Compliance Questionnaire Emails Variable Annuities Commission FINRA Arbitration Zipper Gensler PNC Bonds PIABA Rule 2150 jobs 3Cir Prison WSPs Crowdfunding Postponement Brummer Charles Schwab Confidential Information Lehman Arbitraiton Hedge Fund Second Circuit 2nd Circuit FINOP Public Interest Exhaustion of Administrative Remedies Private Securities Transactions BOP Rule 12805 Rule 2111 Dakota Securities Net Capital BrokeAndBroker Bill Singer Breach of Contract Waiver Credit Suisse RMBS Registration OIG Unsolicited 9/11 Sanction Guidelines Newman guest blog MetLife Mother CE guest blogger bill singer Debit Card Board of Governors RRBDlaw.com SunTrust Racism Telephone Time And Price Rule 13200 Marijuana aegis frumento Judgments Series 7 TOD Motion to Confirm insecurities Robinhood Cheating Morgan Keegan China RR JPM Plea Diversity BrokeAndBroker.com Blog IC3 ADA Hilton Weiner BrokeandBroker Bureau of Prisons Non-Solicitation NYAG Suspension CMA Whistleblowing FOREX Unjust Enrichment IPO Unsuitable Bear Stearns Margin Call Imposter Concentration Enforcement Sexual Harassment Obstruction of Justice DOL Oppenheimer Reg S-P CPA Rule 2081 Protocol EDNY Raiding WB-APP Rationale Testimony Non Solicitation Knight OSHA Botkin Lawyer Membership Continuance JOBS Act Confirm Whistleblowers Rakoff Covid Auction Rate Securities TCR Private Placements Statutory Disqualification Committee Embezzlement Restitution FNMA Tortious Interference Check Kiting Rule 4513 Churning Charge CNBC Leggett Small Firm Governor Employment Agreement Piwowar Absolute Immunity Mutual Funds Puts 11Cir 1Cir Broke And Broker Elder Fraud Stifel Nicolaus Puerto Rico Restaurant Compensation Rule 2210 Gold Regulation SP Joshua Brown NoCA Finra NDCA Counterclaim Bandimere SAC Confidential MF Global Customer Information Appointments Clause TSSB Lawyers Deferred Compensation Federal Reserve Cannabis Trade Secrets VIX CEO Securities America EIA securities industry commentator Preliminary Injunction Saad Rule 13805 Affinity Fraud Pennystock Circuit Court Robert Cook Conflict Shah Gilani Reg D Bank Fraud Affiliate Biden Irreparable Harm AAA Customers ING Hurry Article V Written Supervisory Procedures Johnny Burris Banc of America Form ADV Research Aleynikov Bloomberg Termination Sarbanes Oxley Woody Allen Rule 12504 Leveraged ETF Funds 10b-5 PN Stanford Check Testing USERRA Rosenthal Recruiting Khuzami Test Center Wine Wire Transfer Ketchum Standing HSBC Charity Corruption money laundering Taxes Excessive Trading Unregistered TheBlot Pennystocks Phishing Executor Feigenbaum Michael King Immunity fraud Information DNJ Service Confidentiality Sales Assistant Michael King Associates Inability to Pay supervision Dementia Morgan Stanely Day Trading Medicare Passcode High Frequency Trading 10b-10 Laptop NRF Hearing signature Rule 2430 Star Wars Rule 12212 Superior Court Hester Peirce Bid Rigging Probate Stipulated Award Medical Condition 6Cir BrokeAndBroke Chief Compliance Officer CGMI Congress FMLA Extraordinary Circumstances Chase Investment Services Obstruction Conflict of Interest Rule 9554 Rule 21F Eligibility Parking OCIE Vault Rule 3310 Moon Rule 3030 Failure To Supervise Disability Kon Ethereum Beneficiaries Casino Constitution Self Regulatory Organization PAQ Lincoln Financial Over Concentration AXA 6th Circuit Morgan Stanley Smith Barney Amazon Sharemaster Commodities Fraud Sexual Discrimination DMD Google Spoliation Third Party Vendor Talman Harris Self Directed Accounting Subpoena Cantor Fitzgerald FINRA AWC White Nietzsche Argentina RICO FINRA Small Firm Finder\'s Fee Attorneys Fees Aguilar 401k State Actor ACH Penson Wanger Statement of Corrective Action Administrative Remedies Pruco Side Bar Layering Online Whitman Motion to Compel Outside Account ICO Guitron Honorarium Smith Barney Poteroba Negligence Death McDuff Vietnam Ride the Thunder Mutual Fund Consent Order Marines Joint Account Teleconference Marine Corps Relevant Disciplinary History David Sobel Government Accountability Project Corzine NPR Marketplace Unauthorized Practice of Law Default 5Cir Trader CDO JPMS Yesenia Guitron Privilege Hugh Hewitt IM Fine S&P Offset Copyright Investor Alert ESOP Rule 13504 Stop Loss Florida Money Market BrokeAndbroker GameStop FAP Cold Spring Advisory Group Female Withdrawals SIFMA Do Not Call mail fraud Crime Respondeat Superior LLC Racial Discrimination Falsification FOCUS Rule 2370 Res Judicata Scottsdale Blackbook Risk Commodities Revocation Hospital Stockbroker Investment Adviser Chase Bank Timban Pension EEOC Settling Away Backstage Wall Street Disciplinary History Hotel Newport Coast Securities Obama Chiasson Series 79 11th Circuit Regulation Rory Flynn Extraordinary Cooperation YouTube Conflicts Regulation S-P Peirce NY Life Microcap WBAPP WaMu Fifth Amendment Resignation Reuters Book of Business Outside Accounts Schneiderman Transamerica Elder Law Capital Gains SP Password BrokerAndBroker.com 40 Act Fowler Guest Bloggers OWWP elderly Client Information First Amendment Reform Rule 1031 Libel RRBDlaw UIT Johnson Gamification Financial Professionals Coalition Expert Witness Trading Mistake Attorneys\' Fees Subject Matter Jurisdiction Red Flags Motion Blank Forms Penalty Fiduciary Duty Life Insurance Judgment Jennifer Tarr Reverse Life Insurance Turnover Data wire fraud Title VII Christian Stanley Liquidation BATS Zoom Tesla Moore 401(k) Permanent Bar Netschi Thain Puerto Rico Bonds Daughter Selling Away David Lerner TIC For Cause Dell Taft Correctional Institution Electronic Communications wrongful termination Arbitration EDPA Relevant Tax Fraud CD FCI Acosta Department of Justice Oral Discretion Verbal Discretion Extortion Inmate Equity Indexed Annuities NYG Capital Escrow Kiting Texting Self Reporting Counterfeit Confirmation Interactive Brokers Inside Information Non Solicit Ethics Commissioner Stein Wires FCI Beaumont Meals Civil Rights Slander SD Elles Fee VXX Prudential Fines FCPA Outside Counsel Chevron Rule 9216 Gross 17a-5 Harassment Control Person Scholander WhatsApp Annual Audit Son Arrest securities fraud Stock Promotion Initials Short Sale Compromise EB-5 Dinner Alcoholism Motiion to Acquit Rule 12511 TradeStation Corporate Credit Card Game of Thrones National Securities GME Third Party Beneficiary Led Zeppelin Tippee Beatles Jay Clayton Covid-19 Tipper Merrill Altered Records Promoter Wire Transfers Berthel Fisher finra Texas State Securities Board Merill Lynch Executrix Training Impersonator Jury Instructions Women Burden of Proof Molchatsky Credit Repair Retired Woman With Cane Transfer Summary Judgment Tennis Court Coin Public Arbitrator NFT Kovack Securities SDCA Cybersecurity Checking Jon Corzine Vaccarelli Motion to Exclude Motion to Postpone Flash Drive Howey Discharge Bequest Preet Bharara Rule 13904 Hayden Reg SHO Pershing Section 206 Vungarala Purshe Kaplan Lewis Carroll Constructive Discharge bank Communications Advisor Placement Group Nationwide Expense FINRA Eligibility Rule Production At Will Rule 13212 Hackers Age Discrimination Subway South Park Compliance Questionnaire Rule 21F-17 Kent Exhaustion Doctrine Undertaking ADEA Exception Report Books and Records FDA Motion to Compel Arbitration Khan Wells Fargo Advisors Oilpro No Show Sears Gnomes Altered JAMS Allocation Back Dated false statements NYLIFE Exemption Liu Cherry Picking Fraudulent Inducement DCO Eric Stein Rule 3210 Tysk Income Branch Manager DWI Cybercrime annuities AI Lek Frivolous Schottenstein ACT! Binary Options Section 1332 Non-Solicit Exception Reports Lee Orders Voya Fiero Newbridge Anderson NPI Vacate BitTorrent Rule 13201 Currency whistleblower Prime Bank Daspin Clayton Sharing Agreement BBVA ESG Supervisor Disparate Treatment Pacifico iPhone Theft Non-Prosecution Agreement Powell Guardian Expert God Punitive Rule 1210 SDOH reimbursement Wang DRS 1099 Bank Secrecy Act Gabelli FinCEN Martin In Connection With SLUSA Traders EDVA Collateral Bar SIPC Municipal Advisor NRSRO Investacorp Undercover FNI Media Retroactive Retroactive Bar Baby Boomers Mantar Arbitrator College Trainee Fee Hostile Workplace Laser Koval Skimming In House Counsel Naskovets Fourth Amendment GAP Countrywide Tran Last Known Address ADR Bob Dylan Allstate Examinations Law School Bartko Patriot Act Overtime Espionage Schumer Walter Dow Preliminary Determination Wages Salman Diabetes Form TCR Confidential Customer Information CAT HBO Grievance Ecuador Springsteen Mail defamation McCartney Spam Elon Musk Proctor JP Morgan Securities Books And Records AMC Rule 2330 ALJ Foelak AIG Hertz Clearing Firm Success Fee Series 66 MAP Court of Appeal QuadrigaCX Willfull Fidelity Brokerage Services Practice Sale Bribe William Faulkner Mattera Collateral BIll Singer DAO Stephen A. Kohn Principal PSRO Ten Commandments Brokeandbroker.com ETFs Municipal Bonds Father IBM Janney Montgomery Scott JPMorgan Chase Malice Martoma BrokeandBroker.com Disney Criminal Mary Schapiro Particularity NFA Merger AWC. FINRA Broy Compliance Officer PHC Rule 144 Lorenzo Private Actor Mary Jo White House Financial Services Capitalism State Farm RRBDLAW Apartment Rule 420 Bill Singer BrokeAndBroker SIE Tax Advice Exotic ETF Quasi Governmental Motion To Dismiss Press Release Cryptocurrencies 529 Plan Margin Calls Arbitrability Excel Bezos Statute of Limitation Ineligibility Kennedy Securities and Exchange Commission Murray Kenneth Starr Romer Leveraged ETFs Harris Work Product Dissident Deceased Customer Deferred Prosecution Agreement DPA Dylan Legend Silver Banks Evidence SEC Rules of Practice Witness Tampering ALJ Grimes Solomon Galleon NML Calls 9th Circuit Financial Disclosure Swaps Non Compete Diamonds Sex Sterne Agee Life Settlement Dostoevsky Unauthorized Trades Guardianship Payroll Shotgun Pleading Ronald Filler Lexicon Office of Special Counsel 8210 Investment Advisers Act Panama Fundacion Nicor Nicolas Corcione Stipulation sexism Personal Information expenses Forfeiture Well Managed Portfolio Costa Rica CMO NMS Travel Varney DDC Rule 13206 Hurtado Cellphone Hearsay Turbeville MSPB Fernandez Gifts Rules of Practice Notice Reason for Termination Bank Guarantee Customer Files Nasdaq Kierkegaard MBS Address Goble Transitional Bonus Citibank Twitter US Airways Production Bonus Rule 13104 FINRA Foundation Scam Reverse Merger Rule 12104 Joint Production Bill singer Reasonable FTC Boyland Justice Ruder Task Force Obamacare MDLA Audit Committee DMCA