On Wednesday, October 24, 2018, late in the evening, a massive global DDOS attack on FinTelegram started. This attack was preceded by our reports about Gery SHALON and his cybercrime enterprise. U.S. prosecutors filed indictments back in 2015, but the trial is still pending while the U.S. authorities are still looking for SHALON’s co-conspirators. FinTelegram had disclosed that the Russian Vladislav SMIRNOV aka Vladislav KHOKHOLKOV evidently is a leading member of this cybercrime enterprise.
The Makers of the DDOS attack
As early as 2005, Vladislav KHOKHOLKOV was sued in the USA as a member of the world’s largest SPAM gang, headed by the Russian “SPAM czar” Leo KUKAYEV. The gang was charged with sending millions of unsolicited, deceptive emails advertising counterfeit drugs, pirated software, and pornography (see the article in Spamhaus). In 2005, the attorney general of Massachusetts successfully sued the SPAM gang for violations of the CAN-SPAM Act. Hence, KHOKHOLKOV aka SMIRNOV aka Mr. Green is a “court certified” SPAM artist.
According to the information available to us, the three key figures Gery SHALON, Gal BARAK, and Vladislav SMIRNOV were and are behind the ongoing DDOS attacks on FinTelegram.
Vladislav SMIRNOV is a renowned expert in two specific areas:
- Spam campaigns and affiliate operations
- Payment services for cybercrime activities
These are perfect skills to execute a DDOS attack. But first things first. Let’s start with their mission.
In their indictment, the U.S. prosecutors explained in detail how Gery SHALON attacked his competitors and critics with DDOS. As with FinTelegram, he caused the websites of his competitors to be temporarily unavailable via DDOS attacks. As we know from witnesses, SHALON used these DDOS attacks to blackmail his competitors and kindly asked them to hand over shares in their companies.
The DDOS Mission to bring down FinTelegram
The people behind this DDOS attack have already acted several times in the past with threats, slander and fake news against FinTelegram and its team members. The mission of the current DDOS attack was to prevent people from reading our reports on Gery SHALON’s European and Russian connections and the networks around his cybercrime gang. According to our informants, such disclosures would not do Gery SHALON any good with regard to his cooperation with the U.S. Attorney General’s Office and his upcoming trial in the U.S. The ongoing attacks on FinTelegram’s websites are intended to prevent other readers from accessing the information and learning about SHALON’s vast cybercrime empire.
Snitching on Co-Conspirators
Actually, the actors behind the DDOS attack on FinTelegram are already at the center of investigations and indictments by the U.S. authorities. Gery SHALON is regarded by the U.S. authorities as the principal and mastermind of the largest cybercrime enterprise discovered to date. This enterprise was responsible, among other things, for the hacking of JP Morgan and other US financial service providers, with more than 100 million customer records stolen according to the prosecution. With this stolen customer data, SHALON and his friends operated a gigantic stock manipulation system, cheating US investors out of hundreds of millions (reports here on FinTelegram). Some of the members of this cybercrime enterprise have already been sentenced to several years in prison in the USA. Gery SHALON and the other main perpetrators have been charged and are awaiting trial.
According to inside information, Gery SHALON is cooperating under a plea agreement with the prosecuting authorities and provides incriminating information on his co-conspirators. SHALON is looking for leniency. He provided incriminating information on his co-conspirators and is a potential witness against them. On the basis of his information, other people such as the Russian hackers Peter LEVSHOV and Andrei TYURIN. Both men were arrested and extradited to the USA recently. SHALON himself is stuck in the USA and is not allowed to leave the country, according to people close to him. Nevertheless, he and his cybercrime enterprise are still heavily involved in the international cybercrime scene. Through his partners Gal BARAK and Vladislav SMIRNOV, he has also been involved in fraudulent binary options schemes since the indictment in the US. Thus, SHALON seems to be part of schemes that cheated hundreds of thousands of investors in Europe, the USA, and North America.
On the basis of the information available to us – trustworthy and carefully checked – this Vladislav SMIRNOV (then still under the name of KHOKHOLKOV) was responsible for the payment services of Gery SHALON until 2014. He is said to have played a significant role in the criminal payment services IDPay and Todur, for which he was charged. Since the arrest of Gery SHALON in Israel in 2015, SMIRNOV has been active in the field of binary options with the payment service providers he controls, DreamsPay and NetPay. Binary options are already prohibited in most countries because they are primarily designed to defraud investors. The French Financial Market Authority AMF concluded that almost 100% of investors lost their money with binary options because of fraudulent activities by operators. The main perpetrators behind binary options are Israelis, who have cheated investors out of billions through call centers scattered around the world and hundreds of domains and unregulated broker sites.
Simona WEINGLASS from the Times of Israel estimated that the Israeli operators of the Binary Options alone have turned over up to $10 billion a year and employed thousands of people in call centers and software development. She called it a huge fraud industry with victims around the globe cheated by Israeli perpetrators.
The Usual Suspects and Criminal Complaint
It was these very same binary options con artists under the leadership of Gery SHALON who were behind the ongoing DDOS attack on FinTelegram. According to the inside information available to us from the network, the DDOS attack was carefully prepared, with attacks from servers all over the world, and executed with military precision. The aim of the attacks was to paralyze the servers of FinTelegram by sending billions of so-called “bad requests” and thus make the websites inaccessible for other visitors and readers. We had up to 500 million “bad requests” within a 24-hour period over the duration of the DDOS. According to Cloudflare statistics, a total of more than two billion “bad requests” from several thousand IP addresses were fended off, consuming several terabytes of bandwidth.
We have already filed criminal complaints with the authorities in Europe and the U.S.
Sources:
- The JP Morgan case and Gery SHALON’s cybercrime empire: Link to CNN
- Indictment Gery SHALON, Ziv ORENSTEIN, Joshua Samuel AARON: Link to DoJ
- Indictment Andrei TYURIN: Link to DoJ
- The Inquirer article on Vladislav KHOKHOLKOV and the Spam Gang (2005): Link to the Inquirer
- The arrest of Gery SHALON and Ziv ORENSTEIN: Link to Globe
- Gery SHALON snitches on Russian hacker: Link to Daily Beast
- Background information on Vladislav KHOKHOLKOV and friends: Link to Krebs on Security