Background: The Trial Against Gal Barak
On July 8, 2020, proceedings commenced in Vienna against Gal Barak, an Israeli national accused of operating a network of fraudulent online trading platforms. Authorities across several EU member states have linked Barak, his wife Marina Barak (formerly Marina Andreeva), and a group of close associates to E&G Bulgaria EOOD, a Sofia-based company allegedly used to operate call centers and broker websites as part of a broader investment fraud scheme.
While Barak is the sole individual standing trial in this particular case, E&G Bulgaria is believed to have been only one part of a much larger network. According to law enforcement sources, the wider operation also involved high-profile individuals such as Gery “Gabi” Shalon, a known cybercrime suspect.
Uwe Lenhoff and the Financial Trail
Barak had close business ties with German entrepreneur Uwe Lenhoff. The pair collaborated in Montenegro, utilizing Global Payment Solutions DOO to process payments. This payment firm is believed to have handled significant volumes of funds allegedly defrauded from EU-based investors.
Lenhoff was arrested in early 2019 and spent over a year in pre-trial detention in Germany. On July 6, 2020—just two days before Barak’s court proceedings began—Lenhoff was found deceased in his cell. The cause of death has not been publicly disclosed.
Testimony from a former associate of Barak’s indicates that the network may have defrauded upwards of 30,000 individuals, with losses possibly exceeding $200 million. Prosecutors in Vienna have opted to begin with Barak’s case and are expected to pursue additional charges against other figures, including former partners, following the outcome of this trial.
Gery Shalon: A Key Figure in the Background
Gery “Gabi” Shalon, an Israeli citizen, is widely considered a central figure in the broader organization. Reports suggest that Shalon played a supervisory role over Barak and E&G Bulgaria.
Shalon was arrested in Israel in 2015 and subsequently extradited to the United States. He faces multiple federal charges, including securities fraud, unlawful online gambling operations, money laundering, and orchestrating distributed denial-of-service (DDoS) attacks. He has also been linked to operating Coin.mx, an unlicensed cryptocurrency exchange in the U.S.
According to a U.S. Department of Justice press release (Nov. 10, 2015), Shalon collaborated with others to conduct large-scale cyberattacks and illegal financial transactions.
The Wall Street Journal described Shalon as a prominent figure from Israel’s digital underworld in an article published the same year. After spending time in U.S. custody, he was released on bail exceeding $400 million and reportedly remains under federal supervision while allegedly cooperating with U.S. authorities in ongoing investigations involving cybercrime actors.
Organizational Structure and Other Individuals of Interest
Barak, Shalon, and Russian national Vladislav Smirnov—described as a seasoned operator in the payment and online financial services sector—are believed to have formed a core group overseeing E&G Bulgaria’s activities. The structure reportedly encompassed:
-
Brokerage scams
-
Online casinos
-
Cryptocurrency services
-
Cross-border payment processing
-
Asset concealment strategies
Records of internal communications and conversations between Barak, Shalon, and Smirnov indicate an ongoing working relationship. These materials, reportedly obtained by investigative authorities, have been used to establish both Shalon and Smirnov as persons of interest.
Cybersecurity Concerns and Implications
The digital platforms of several investigators involved in reporting on this case have reportedly been subjected to persistent DDoS attacks. Some observers speculate that these attacks may be linked to individuals involved in the network, potentially as an attempt to suppress further disclosures.
Statements made during the Vienna trial could place renewed attention on Shalon’s alleged involvement. Additionally, questions remain as to how a suspect under U.S. monitoring could potentially continue engaging in unauthorized activity.