From at least in or about 2011 until in or about July 2015, Shalon, Orenstein and their co-conspirators operated IDPay and Todur, multinational payment processors for criminals who sought to receive payments by credit and debit card in furtherance of their unlawful schemes. Through these payment processors, Shalon, Orenstein and their co-conspirators knowingly processed credit and debit card payments for, at a minimum, unlawful pharmaceutical distributors, purveyors of counterfeit and malicious purported “anti-virus” computer software, their own unlawful internet casinos and Coin.mx, an illegal U.S.-based Bitcoin exchange owned by Shalon. In doing so, Shalon, Orenstein, and their co-conspirators knowingly processed hundreds of millions of dollars in transactions for criminal schemes, for which they earned a percentage of every transaction.
Beginning in or about 2012, Shalon and his co-conspirators hacked into the computer networks of Victim-12, a U.S. company which assessed merchant risk and compliance for credit card issuers and others, including by detecting merchants that accepted credit card payments for unlawful goods or services. Thereafter, on an ongoing basis, Shalon and his co-conspirators monitored Victim-12’s detection efforts, including by reading emails of Victim-12 employees, so they could take steps to evade detection by Victim-12 of their unlawful payment processing scheme.