HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Topics » Economy & Education » Economy (Group) » Hacker Sentenced For Role...

Wed May 24, 2017, 04:01 AM

Hacker Sentenced For Role In Largest Known Computer Hacking And Securities Fraud Scheme

https://www.justice.gov/usao-nj/pr/hacker-sentenced-30-months-prison-role-largest-known-computer-hacking-and-securities

Department of Justice
U.S. Attorney’s Office
District of New Jersey

FOR IMMEDIATE RELEASE
Monday, May 22, 2017

Hacker Sentenced To 30 Months In Prison For Role In Largest Known Computer Hacking And Securities Fraud Scheme

NEWARK, N.J. – A Ukrainian hacker was sentenced today to 30 months in prison for his role in an international scheme to hack into three business newswires, steal yet-to-be published press releases containing non-public financial information, and use that information to make trades that generated approximately $30 million in illegal profits, Acting U.S. Attorney William E. Fitzpatrick announced. Vadym Iermolovych, 29, of Kiev, Ukraine, previously pleaded guilty before U.S. District Judge Madeline Cox Arleo to a three-count information charging him with conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft. Judge Arleo imposed the sentence today in Newark federal court.

Iermolovych admitted that he was personally involved in the hacks into Marketwired L.P. (Marketwired), PR Newswire Association LLC (PRN), and Business Wire (collectively, the “Victim Newswires”). He admitted to hacking into PRN’s network between January 2013 and March 2013. He also admitted that he obtained a set of user credentials of PRN employees stolen from a computer hack into a social networking website and then used at least one of those credentials to ultimately gain access into PRN’s computer network. Iermolovych also admitted that he sold press releases stolen from the network intrusion into Marketwired, and purchased access into Business Wire’s network, all in furtherance of a larger conspiracy to profit from the stolen draft press releases.
(snip)

As alleged in the indictments, between February 2010 and August 2015, computer hackers based in Ukraine gained unauthorized access into the computer networks of the Victim Newswires. They used a series of targeted cyber-attacks, including “phishing” attacks and SQL injection attacks, to gain access to the computer networks. The hackers moved through the computer networks and stole press releases about upcoming announcements by public companies concerning earnings, gross margins, revenues, and other confidential and material information.

The hackers shared the stolen releases with the traders using overseas computer servers that they controlled. In a series of emails, the hackers even shared “instructions” on how to access and use the overseas server where they shared the stolen releases with the traders, and the access credentials and instructions were distributed amongst the traders. The traders created “shopping lists” or “wish lists” for the hackers listing desired upcoming press releases for publicly traded companies from Marketwired and PRN.

The traders generally traded ahead of the public distribution of the stolen releases, and their trading activities shadowed the hackers’ capabilities to exfiltrate stolen press releases. In order to execute their trades before the releases were made public, the traders sometimes had to execute trades in extremely short windows of time between when the hackers illegally accessed and shared the releases and when the press releases were disseminated to the public by the newswires, usually shortly after the close of the markets. Frequently, all of this activity occurred on the same day. Thus, the trading data often showed a flurry of trading activity around a stolen press release just prior to its public release.

The traders traded on stolen press releases containing material nonpublic information about hundreds of companies, including Align Technology Inc., Caterpillar Inc., Hewlett Packard, Home Depot, Panera Bread Co., and Verisign Inc. The traders paid the hackers for access to the overseas servers based, in part, on a percentage of the money the traders made from their illegal trading activities. The hackers and traders used foreign shell companies to share in the illegal trading profits.
(snip)

0 replies, 3981 views

Reply to this thread

Back to top Alert abuse

Reply to this thread