The Georgian-born Israeli Gery “Gabi” Shalon is arguably the mastermind of the world’s largest cybercrime organization, stretching over the U.S., Europe, Russia, Georgia, Israel into Asia. The Israeli accountant Ziv Orenstein was one of Shalon’s deputies in the U.S. There, they operated illegal gaming schemes and performed the largest cybercrime attack ever on the U.S. financial industry. The attack included identity theft, securities manipulation, DDoS attacks, and money-laundering that generated some $400 million of illicit proceeds.
In October 2020, Ziv Orenstein was sentenced to 11 months in jail, which he had already served after his July 2015 arrest in Israel. The court ordered him to forfeit the $1.8 million the criminal operation paid him. While Orenstein allegedly is back in Israel, Gery Shalon is still waiting for his trial in New York. The indictment does not prevent him from operating his cybercrime organization from his New York home office. This is proven by the files of the Vienna Cybercrime Trials. They also prove Shalon’s close ties to Russia.
Extensive cooperation with authorities
Both Shalon and Orenstein have been cooperating extensively with the U.S. prosecutors, lawyers reported, which allegedly contributed to the arrest and extradition to the U.S. of Russian Andrei Tyurin, another co-conspirator of Shalon. Tyurin was arrested in Georgia in 2018. Shalon’s father, Shota Shalelashvili, was an influential politician for the Georgia Dreams party and a member of parliament in Georgia at the time. Following allegations of money laundering, Shalelashvili resigned as a member of parliament in October 2019. Tyurin pleaded guilty and was sentenced to 11 years in prison in January 2021 (read this report).
The U.S. indictment
The U.S. indictment said that Gery Shalon and his cybercrime organization were responsible for a large illegal gambling operation. Additionally, they hacked U.S. financial institutions and stole personal information from 100 million people. The information was used to execute an extensive securities manipulation scheme (pump-and-dump with penny stocks). The extensive indictment also accuses Shalon of extorting competitors and money laundering.
Shalon’s closest collaborators include Russian Vladislav Smirnov (a/k/a Vladislav Khokholkov) and Israeli Gal Barak, who was sentenced to four years in prison in the Vienna Cybercrime Trials (#VCT). Neither has yet been charged in the U.S., but both, like Shalon, are suspects in the #VCT files (see below).
Remorse and amends
U.S. Prosecutor Eun Young Choi said that Orenstein’s role was important. He facilitated the illegal gambling operation in part by gaming credit card payment systems on Shalon’s behalf to fool banks. Orenstein told Judge Swain that he grew up in a good home but lost his way after leaving Israel’s navy and getting his accounting license.
“At some point in my relationship with Gery Shalon I crossed the line!” Ziv Orenstein (Source: Law360)
Orenstein said Shalon paid him good money but that his “stupidity and poor judgment” became apparent when he was arrested and he decided to make up for his mistakes by cooperating with the authorities.
Orenstein, a veteran of Israel’s navy, was required to leave the U.S. and moved back to Israel.
Family Business and the Vienna Cybercrime Trials
Shalon was indicted in the U.S. in November 2015, arrested in Israel, and extradited to the U.S. Since then, the U.S. case has been handled in the utmost secrecy. Most of the U.S. files are still sealed. Shalon was put under a kind of house arrest in New York and was not allowed to use computers or the Internet for some time. Since at least 2018, Shalon has used a Russian cell phone and communicated through it with his partners Vladislav Smirnov, Gal Barak, Marina Barak (previously Marina Andreeva), and key people of the E&G Bulgaria organization like Amit Hulin (see Telegram chat protocol right).
Gery “Gabi” Shalon loves to refer to Smirnov and the Baraks as his family, with him as the patriarch. He gave instructions, and they had to be followed. Gal Barak and his team led the scam network around the Bulgarian E&G Bulgaria, but Shalon was also the boss there and interfered massively, especially in financial activities. His various companies have received millions from the E&G Bulgaria scheme. Millions, stolen from small investors through broker scams like XTraderFX, SafeMarkets, Golden Markets, OptionStarsGlobal, EasyTrade, or BrokerzUnion. Shalon, like Smirnov, is listed as a suspect in the #VCT files of the EU authorities. Both are persons of the highest interest for the involved law enforcement agencies.
The chat history on Telegram proves that Shalon a/k/a TrinityUP was the mastermind behind E&G Bulgaria. He actively participated in the day-to-day cybercrime activities while he was charged in the US and awaiting trial. Actually unbelievable, isn’t it? The chats also prove beyond any reasonable doubt that Vladislav Smirnov was involved in the E&G Bulgaria operation. See one chat with Marina Barak after Gal Barak’s arrest in January 2019.
Gal Barak was sentenced to four years in prison in early September 2020 in his Vienna trial. He is currently in prison in Austria. Germany also wants to file charges against him and has requested extradition. His Bulgarian wife Marina Barak is the next in line in the #VCT. She is also charged with money laundering. Her trial is scheduled for the second quarter of 2021.
Via WhatsApp and Telegram, Gery Shalon has issued instructions to E&G Bulgaria using the pseudonym “Trinity,” among others. Based on the documents and statements, the EU authorities consider it proven that Shalon was also the head behind the European cybercrime organization around E&G Bulgaria and the Baraks.