He is the accused mastermind of one of the biggest hacks ever. He and his crew allegedly pilfered information from more than 80 million JPMorgan Chase & Co clients and ran online gambling, stock manipulation and money-laundering schemes around the world.
Gery Shalon, charged with those crimes four years ago, has rarely appeared in court since he was extradited to the US. Now it is clear why: Shalon is helping US authorities, people familiar with the matter said.
Such cooperation could result in anything from a lighter sentence to outright release. That would be a remarkable turnabout for a man whom then-US attorney general Loretta Lynch accused of netting hundreds of millions of US dollars from “one of the largest thefts of financial-related data in history.”
Illustration: Mountain People
Because authorities singled out Shalon as the brazen scheme’s leader, he would have to deliver something important to chip away at his 23 counts, several of them carrying potential 20-year prison terms.
While the precise nature of his cooperation is not clear, Shalon intersected with worlds that later came under the glare of some of US history’s most politically charged investigations.
An Israeli citizen, he allegedly teamed up with a Russian hacker who is now also in US custody, raising the prospect that Shalon could provide US prosecutors with a road map to Russian cybercrimes, how criminal hackers interact with that nation’s intelligence services, or both.
Other alleged Russian cybercriminals have been brought to the US and charged, among them potential cooperators.
Judging by the range of activities outlined in Shalon’s indictment, he might also be able to act as a guide into criminal spheres such as international money laundering.
A release of Shalon would be “pretty extreme,” said Rebecca Roiphe, a professor at New York Law School and former Manhattan prosecutor who is not involved in the case. “He must be giving up somebody who is far more culpable than him, either in this crime or in a coordinated crime, to get that deal.”
If he is cooperating, “there may be something coming down the road that will answer this riddle,” she added.
A spokesman for the US attorney’s office in Manhattan declined to comment.
A lawyer for Shalon did not respond to requests for comment.
The prospect of a light sentence for Shalon was raised recently by his father, Shota Shalelashvili, a lawmaker in the Republic of Georgia.
In an interview on Georgian television last month, Shalelashvili hinted that his son could soon be released from US custody after explaining how he carried out the hack and repaying “millions” in stolen money.
Shalon has been allowed to remove his home monitoring device, his father told Georgian television, indicating he was at some point allowed to move from jail to home confinement.
Shalelashvili did not respond to requests to comment about the TV report.
Shalon’s alleged hacking conspiracy had tentacles across a wide swath of the global financial system and encompassed identity theft, pump-and-dump frauds, illegal Internet casinos and money transfers via an illegal cryptocurrency exchange. Victims of the hack included Fidelity Investments, E-Trade Financial Corp and Dow Jones & Co.
The breach of sensitive systems inside JPMorgan was so vast that US intelligence officials initially feared there might be a connection to Russian spy agencies, and they provided the FBI with evidence of possible links, according to a US law enforcement official.
Ultimately, the FBI said the endeavor was purely criminal.
At a minimum, authorities might enlist Shalon to explain how his crew and other hackers managed to launder hundreds of millions of dollars, which could help them track the vast money trail of modern-day cybertheft.
Prosecutors could also have put Shalon back online, as they have in other hacking cases, using him as a guide through the criminal underground and perhaps even luring other cybercriminals into US grasp.
In his interview with Georgia’s Rustavi 2 television channel, Shalelashvili said his son could be allowed to present financial guarantees that could let him leave the US.
“He may be found guilty — but not to the extent that may have been expected,’’ the father said.
Shalelashvili, 59, was born in the then-Soviet republic of Georgia and moved as a young man to Israel, where he raised his family. He now has Georgian, Russian and Israeli citizenship, and has said in previous interviews that he made much of his fortune doing business in Russia and Africa.
In 2014, Shalelashvili made a run at buying Georgia’s Cartu Bank from billionaire Bidzina Ivanishvili for US$270 million. Ivanishvili, a former Georgian prime minister, pulled out of the deal.
Shalon was arrested in July 2015 at his home in a Tel Aviv suburb. He was extradited to the US in 2016. That same year, his father returned to Georgia and gained a seat in parliament as a member of Ivanishvili’s party, Georgian Dream, which currently holds the majority.
Shalon had US$100 million stashed in Swiss bank accounts at the time of his arrest, US officials said.
He and his main codefendants agreed to a series of deals repatriating money stashed in bank accounts in Switzerland, Georgia, Cyprus, Luxembourg and Latvia.
US authorities also asked Georgian officials to seize Georgian accounts held by Shalelashvili, according to the television report.
Shalelashvili told the TV interviewer that Georgian authorities misidentified money in his accounts as belonging to his son and later released it.
The office of Georgia’s prosecutor declined to comment.
In all, Shalon agreed to surrender US$403 million in 2017 as part of the case, Israel’s Calcalist newspaper reported, citing court documents it reviewed.
Many of the documents in Shalon’s case file in Manhattan federal court remain sealed.
As several of Shalon’s alleged co-conspirators pleaded guilty or were tried and convicted, Shalon quietly idled in the US legal system. Public hearings have been repeatedly postponed. The long delays and silence are typical when a defendant turns into a cooperator.
All the while, a key alleged fellow conspirator remained at large — an unidentified, Russian-speaking hacker who authorities said had hands on the keyboard to penetrate networks for Shalon’s ring.
Then, in September last year, federal prosecutors heralded a “significant milestone’’ in their case: The JPMorgan hacker, whom they identified as Andrei Tyurin of Russia, had been arrested in the Republic of Georgia and extradited to the US.
The US and Georgia do not have a formal extradition treaty, but they have had a general law enforcement cooperation agreement for nearly two decades. How and why Tyurin wound up in Georgia remains unclear.
Georgian authorities said he was arrested entering the country through Tbilisi International Airport and said he was unaware that he was a wanted man.
For US officials, Tyurin could help illuminate the links between Russia’s cybercriminals and its spy agencies. During the JPMorgan investigation, US intelligence agencies presented the FBI with evidence that Russia had tried to recruit the hacker, who was initially referred to in the indictment as co-conspirator 1.
According to Georgian authorities, Moscow mounted an unsuccessful bid to have Tyurin returned to Russia.
Tyurin appeared at a hearing immediately upon arriving in the US and again a few weeks later. Subsequent hearings in his case have been postponed, like those for Shalon over earlier years.
A lawyer for Tyurin did not respond to a request for comment.
Shalelashvili, in an interview with Bloomberg, said he was aware of Tyurin’s arrest in Georgia, but had no knowledge of how it came about.
The Central Epidemic Command Center (CECC) has been giving daily COVID-19 updates for almost four months, and on several occasions when major developments have arisen, the news conferences have attracted large numbers of viewers. The entire nation is anxious about the pandemic, and interest in the latest news has become a part of daily life. Watching the center’s daily news conferences has become something of a national ritual. The pandemic has stabilized within Taiwan due to the admirable efforts of each person living in the nation conducting themselves with the utmost responsibility, and in certain cases making considerable sacrifices within their
This year marks the 75th anniversary of the end of World War II. In that war’s aftermath, novelist George Orwell produced two prophetic works. The first, Animal Farm, was published in August 1945; the second, Nineteen Eighty-Four, came out in June 1949. Both still ring true and cover a wide range of messages, including even how the mid-sized nation of Taiwan achieved its democracy and why it still maintains an outlier status in a COVID-19 world. With its full planetary scope, WWII left untold millions dead and injured, cities were destroyed and the future path of most nations was altered. New
Israel-based geo-intelligence data provider ImageSat International on May 13 released a satellite photograph of the Chinese-controlled Fiery Cross Reef (Yongshu Reef, 永暑礁) on Twitter. The image gave a clear view of Chinese People’s Liberation Army (PLA) Air Force Shaanxi KJ-500 airborne early-warning aircraft, KQ-200 anti-submarine maritime patrol aircraft and a suspected Changhe Z-18 anti-submarine helicopter, showing that the PLA has advanced its deployment in the South China Sea. Only last month, China established Xisha District (西沙) on Woody Island (Yongxing Island, 永興島) and Nansha District (南沙) on the reef, both of which fall under Sansha, a prefecture-level city established in
United States Senator “Kit” Bond (R-MO) was a real leader on Asia policy during his time in Congress. Like most senators, he had a ready one-liner for every occasion. The one I never tired of hearing is “Well, looks like everything has been said. The problem is not everyone has said it.” It’s sort of like with US-China great power competition. There is not much new to say. This is especially true because it’s largely a story of what’s already happened: BRI, Made in China 2025, aggression in the South China Sea, provocations on the Indian border, cyber-hacks, erosion of “one country,