MANHATTAN (CN) – A 23-year-old Russian man was sentenced to two years in federal prison for a conspiracy that used hundreds of phony bank accounts to steal $3 million from U.S. accounts compromised by malware attacks.
Nikolay Garifulin, of Volgograd, pleaded guilty in September 2011 to conspiracy to commit bank fraud and conspiracy to possess false identification documents, the U.S. Attorney’s Office said in a statement announcing his sentencing.
“(H)ackers in Eastern Europe used cyber attacks to steal money from the bank accounts of small and mid-sized businesses throughout the United States,” the U.S. Attorney’s Office said. “The cyber attacks included the use of malware known as ‘Zeus Trojan,’ which would embed itself in victims’ computers and record their keystrokes as they logged into their online bank accounts. The hackers responsible for the malware then used the account information to take over the victims’ bank accounts and make unauthorized transfers of thousands of dollars at a time to accounts controlled by co-conspirators, including Garifulin, who were members of a money mule organization.
“The money mule organization recruited individuals who had entered the United States on student visas, provided them with fake foreign passports, and instructed them to open accounts at U.S. banks under false names. Once the false-name accounts were successfully opened and the stolen funds transferred into the accounts, the ‘mules’ moved the money to other accounts, most of which were overseas, or withdrew and transported it overseas as smuggled bulk cash.”
Garifulin also was ordered to pay $192,123 in restitution and was fined $100,000.
Thirty-seven people were charged in the scheme in September 2010, and 27 were arrested, prosecutors said. Garifulin was the 27th of those who were arrested to plead guilty. Twenty-three others have been sentenced. Eight other defendants entered deferred prosecution agreements and eight are fugitives.