Tuesday, November 12, 2024

Gery Shalon – The Plea Deal and the forfeited fortune of a cybercrime mastermind

Spread financial intelligence

On November 9, 2015, U.S. prosecutors charged the Georgia-born Israeli citizen Gery “Gabi” Shalon in a twenty-three count Superseding Indictment (Docket No. S1 15 Cr. 333). He was charged with computer hacking, securities fraud, aggravated identity theft, illegal online gambling, illegal money transmitting business, and money laundering. Most of the files are still unsealed. What is known is that in April 2017, Shalon has pled guilty to all 23 counts and made a plea deal with prosecutors that included the forfeiture of all seized funds and assets. We are talking about a real big fortune, including a $74.7M bank account. Evidently, cybercrime pays!

Plea Deal and Forfeiture

Gery Shalon‘s known lieutenants in his U.S. cybercrime activities were the U.S. citizens Joshua Samuel Aaron, Ziv Orenstein, and the Russian Andrei Tyurin. All have pleaded guilty, are serving prison sentences. To date, there has been no sentencing. It is therefore not known whether and for how long Shalon will have to go to prison. According to U.S. legal experts, this long period between indictment and sentencing is very unusual and indicates intensive cooperation with U.S. authorities.

Gery Shalon signed the Forteiture Order in January 2021

In his plea agreement, Gery Shalon admitted that the seized funds and assets have been the illicit proceedings from his cybercrime organization and agreed to forfeit it to the United States. On or about October 9, 2018, the U.S. Government seized $74,745,279.29 from the so-called Nener Account at the Swiss Schroder & Co Bank AG. An impressive amount, isn’t it?

An unsealed court document list all the seized assets, which Gery Shalon agreed to be forfeited to the United States. He signed the court order in January 2021. Below is an excerpt of the seized and forfeited bank accounts:

Most of the funds seized by U.S. authorities have been in accounts at European banks and banks in Georgia.

In addition to the bank accounts, 202 Bitcoins (BTC) were also seized and are now being sold by U.S. authorities. The value of these Bitcoins is currently around $10M.

Download the Preliminary Order of Forfeiture here.

The European Connection

As usual and not otherwise possible, U.S. prosecutors have charged only the offenses in the United States. In fact, the cybercrime organization led by mastermind Gery Shalon was also massively active in Europe. Under his leadership, Israeli Gal Barak set up the E&G Bulgaria cybercrime organization in Bulgaria together with his wife Marina Barak (formerly Marina Andreeva), which operated scams such as OptionStars, OptionStarsGlobal, XtraderFX, SafeMarkets, or Golden Markets through a network of illegal boiler rooms in Bulgaria, Serbia, Georgia, Bosnia-Herzegovina and Ukraine. ING’s Dutch subsidiary Payvision also played an important role in this network. Through Payvision, the global cybercrime network of Gery Shalon and Gal Barak laundered funds stolen from clients.

In Germany and Austria, other people are accused around Gal Barak. Gery Shalon and his Russian partner Vladislav Smirnov are also listed as suspects.

The Russian Connection

One of Gery Shalon‘s partners is the Russian spammer and online payment veteran Vladislav “Vlad” Smirnov a/k/a Vladislav Khokholkov. Shalon was active even after his arrest and extradition to the United States in 2015. Shalon’s U.S. criminal case is dealt with very secretive. Not much is known about his cooperation with the U.S. Attorney’s Office and FBI. Basically, Shalon had house arrest in New York after posting bail as well as being banned from using computers. However, that might not have really worked.

Shalon was active with a Russian cell phone and coordinated his actions with Gal Barak and Vladislav Smirnov. He also reportedly visited Russia two or three times to meet with his network there. We may assume that this was done with the permission of U.S. authorities.

However, Shalon apparently betrayed his Russian accomplice, Andrei Tyurin. He was arrested while on vacation in Georgia. He was extradited to the U.S., also pleaded guilty, and cut a plea deal. He was sentenced to 144 months in prison and $20M in restitution payments (please read this report here). At the time of Tyurin’s arrest in Georgia and his extradition to the U.S., Gery Shalon‘s father, Shota Shalelashvili, was a member of parliament and deputy leader of the ruling party in Georgia. Convenient coincidence, isn’t it?