被檢察官稱為史上最大金融黑客案的幕后神秘人現(xiàn)已被美國(guó)政府逮捕。

上周五，美國(guó)政府將安德烈?秋林從格魯吉亞引渡到紐約。這位俄羅斯人涉嫌在針對(duì)摩根大通等十幾家公司的黑客襲擊中承擔(dān)主要破解任務(wù)。美國(guó)政府?dāng)?shù)年的追捕出現(xiàn)了不太真實(shí)的高潮，他們表示，自己一直密切跟蹤的一名黑客領(lǐng)導(dǎo)了對(duì)金融公司的網(wǎng)絡(luò)攻擊，這些攻擊導(dǎo)致了一系列連鎖反應(yīng)，包括證券欺詐、洗錢、信用卡欺詐以及制販假藥。

三年前，紐約聯(lián)邦機(jī)構(gòu)介紹多個(gè)金融系統(tǒng)被黑的情況時(shí)已公布了大多數(shù)細(xì)節(jié)內(nèi)容，黑客攻擊的受害人數(shù)超過(guò)8000萬(wàn)。其他遇襲公司包括富達(dá)投資、道瓊斯、億創(chuàng)理財(cái)公司和史考特金融服務(wù)公司。

此前的法庭文件并未披露主要黑客的身份。上周五出爐的未密封起訴書終于揭示此人正是秋林。當(dāng)天下午1:44，35歲的秋林乘坐的飛機(jī)在紐約斯圖爾特國(guó)際機(jī)場(chǎng)降落。檢察官隨即表示，秋林的引渡是打擊黑客的“重大里程碑”。

上周五下午秋林出現(xiàn)在曼哈頓聯(lián)邦法院，他身著白色體恤衫、黑色褲子和運(yùn)動(dòng)鞋。對(duì)于共謀、計(jì)算機(jī)黑客攻擊、身份盜用和遠(yuǎn)程詐騙指控，秋林均表示不認(rèn)罪。他的律師弗洛里安?米德爾拒絕發(fā)表評(píng)論。

摩根大通黑客案中已有被告跟當(dāng)局合作，這種情況下秋林或許得決定是跟控方妥協(xié)還是直面起訴。這對(duì)他來(lái)說(shuō)是個(gè)意外的轉(zhuǎn)折，幾乎沒(méi)有人相信他會(huì)被交給美國(guó)政府。秋林在犯罪網(wǎng)絡(luò)中的人脈很深，這可能讓他在多項(xiàng)調(diào)查中發(fā)揮作用，包括2016年美國(guó)總統(tǒng)選舉期間的黑客事件。

雙軌黑客

在此前提起的訴訟中，美國(guó)司法部門稱俄羅斯黑客采用的是雙軌制——一方面通過(guò)犯罪性黑客行為牟利，另一方面為其俄羅斯保護(hù)者提供有價(jià)值的信息。

了解調(diào)查情況的人士透露，摩根大通一案中，美國(guó)情報(bào)機(jī)構(gòu)懷疑俄羅斯情報(bào)部門曾試圖解救秋林，而且已經(jīng)向聯(lián)邦調(diào)查局提交了相關(guān)證據(jù)。此外，秋林看來(lái)還對(duì)銀行系統(tǒng)進(jìn)行了廣泛“偵察”，而且承擔(dān)了一些和另一黑客夏隆操縱股價(jià)不太相關(guān)的任務(wù)。

這一情況以及其他線索讓摩根大通部分安全負(fù)責(zé)人擔(dān)心秋林或許還向俄羅斯情報(bào)機(jī)構(gòu)揭示了公司的軟肋。該消息人士稱，聯(lián)邦調(diào)查局已認(rèn)定其為刑事犯罪。

格魯吉亞檢察院女發(fā)言人尼諾?克瓦塔澤表示，美國(guó)和俄羅斯都想引渡秋林，此事最終由格魯吉亞法院裁定。

警察方面透露，去年12月秋林在第比利斯國(guó)際機(jī)場(chǎng)入境時(shí)被格魯吉亞官方逮捕。他不知道自己已遭通緝。秋林在第比利斯的律師帕夫列?阿貝澤也應(yīng)秋林的要求拒絕發(fā)表評(píng)論。

秋林是美國(guó)希望逮捕而俄羅斯表示反對(duì)的幾名黑客之一。上周，希臘最高法院就是否引渡亞歷山大?文尼尼克進(jìn)行了庭審。文尼尼克是俄羅斯人，美國(guó)、法國(guó)和俄羅斯都指控他進(jìn)行過(guò)網(wǎng)絡(luò)犯罪。他還被指為一家比特幣交易所的負(fù)責(zé)人，而且據(jù)稱俄羅斯政府黑客曾利用該交易所盜取民主黨的電子郵件。

主犯

針對(duì)金融公司的黑客行為中，秋林涉嫌和格瑞?夏隆合作。后者是以色列人，被美國(guó)指為這一犯罪的策劃者。據(jù)檢察官介紹，2012-2015年秋林盜取了相關(guān)公司逾1億名客戶的個(gè)人信息。他先是滲透到這些公司的計(jì)算機(jī)網(wǎng)絡(luò)中，然后鎖定客戶數(shù)據(jù)庫(kù)，再將相關(guān)信息傳送到海外的計(jì)算機(jī)上。

檢察官稱，黑客盜取的信息被用于操縱股價(jià)、互聯(lián)網(wǎng)賭博、信用卡欺詐以及通過(guò)比特幣洗錢，由此產(chǎn)生的非法所得達(dá)數(shù)億美元。

夏隆于2015年在以色列被捕，翌年送至美國(guó)。本案的其他幾名被告或已認(rèn)罪，或在審判后定罪。但引渡到美國(guó)已經(jīng)兩年多的夏隆尚未就此事受審，這表明他可能正在和美國(guó)當(dāng)局合作。（財(cái)富中文網(wǎng)）

譯者：Charlie

審校：夏林

The mystery figure behind what prosecutors call the biggest financial hack of all time is now in U.S. custody.

Andrei Tyurin, a Russian citizen who is alleged to have performed key cyber-work in a hack of JPMorgan Chase & Co. and about a dozen other companies, was extradited to New York on last Friday from the republic of Georgia. It was the unlikely culmination of a years-long hunt by U.S. authorities, who had closely tracked a hacker they said led cyber breaches of financial firms that fed an array of activities including securities fraud, money laundering, credit-card fraud and fake pharmaceuticals.

Federal authorities in New York laid out most of those details three years ago when describing a breach of a swath of the financial system that created more than 80 million victims. Other targeted companies include Fidelity Investments, Dow Jones & Co., E*Trade Financial Corp. and Scottrade Financial Services Inc.

What the earlier court filings didn’t disclose was the identity of the central hacker — revealed finally in an unsealed indictment on last Friday as Tyurin. Moments after the jet carrying Tyurin, 35, touched down at New York’s Stewart International Airport at 1:44 p.m., prosecutors called his extradition a “significant milestone” in the fight against hacking.

Tyurin appeared in Manhattan federal court on last Friday afternoon in a white T-shirt, black pants and sneakers, pleading not guilty to charges of conspiracy, computer hacking, identity theft and wire fraud. His lawyer, Florian Miedel, declined to comment.

With others in the JPMorgan hacking case cooperating with authorities, Tyurin may need to decide whether to cut a deal or face prosecution, an unexpected turn for a suspect that few believed would be handed over to the U.S. His deep web of contacts in the criminal underground could make him useful in a wide range of investigations, including the hacking of the 2016 presidential election.

Two-Track Hacks

In previous prosecutions, U.S. authorities have alleged that Russian hackers have worked on dual tracks — profiting from criminal hacking, while also providing valuable information to their Russian minders.

In the JPMorgan matter, American spy agencies suspected there had been attempts by Russian intelligence to recruit Tyurin and had provided evidence of those efforts to the Federal Bureau of Investigation, according to person with knowledge of the probe. The hacker also appeared to do an extensive reconnaissance of bank systems and undertook other activity not strictly related to Shalon’s stock scheme.

That activity and other clues led some security officials at JPMorgan to fear that the hacker might also be providing information on the the firm’s vulnerabilities to Russian intelligence agencies. The FBI concluded this was a strictly criminal endeavor, the person said.

Tyurin was wanted for extradition by the U.S. as well as Russia, according to Nino Kvatadze, a spokeswoman for the Georgian prosecutor’s office. The matter went before a Georgian court, she said.

Tyurin was detained in December by Georgian authorities while entering Tbilisi International Airport, police said. He was unaware he was a wanted man. At his client’s instruction he said, Tyurin’s Tblisi lawyer, Pavle Abaidze, also declined to comment.

He is one of several Russian hackers sought by the U.S. over Russia’s objection. Last week, Greece’s supreme court heard arguments over whether to extradite Alexander Vinnik, a Russian accused of cybercrimes in the U.S., France and Russia. Vinnik allegedly oversaw a bitcoin exchange used by Russian government hackers accused of stealing Democrats’ emails.

Scheme’s Mastermind

In the financial firms’ hack, Tyurin allegedly worked in concert with Gery Shalon, an Israeli who the U.S. accuse of masterminding the scheme. From 2012 to 2015, according to prosecutors, Tyurin purloined personal information about more than 100 million of the firms’ clients by infiltrating corporate computer networks, locating customer databases and exporting profile information to computers overseas.

The information from the hacks was used in stock manipulation, Internet gambling, credit-card fraud and bitcoin money laundering, prosecutors say, allegedly generating hundreds of millions of dollars in illicit proceeds.

Shalon was arrested in Israel in 2015 and shipped to the U.S. the next year. Several other figures in the case have either pleaded guilty or were convicted after trial. But more than two years later, U.S. authorities haven’t brought Shalon to trial in the matter, signaling that he may be cooperating with U.S. authorities.