Leonid Momotok, of Suwanee, Georgia, has pleaded guilty to conspiracy to commit wire fraud for his role in an international scheme to hack into three business newswires and steal yet-to-be published press releases containing non-public financial information that was then used to make trades that generated approximately $30 million in illegal profits.
The guilty plea was entered before United States Magistrate Judge Ramon E. Reyes, Jr. at the federal courthouse in Brooklyn, New York. When sentenced, Momotok faces up to 20 years in prison, as well as restitution, criminal forfeiture, and a fine.
According to court filings and facts presented at the plea hearing, between February 2010 and August 2015, computer hackers based in Ukraine gained unauthorized access into the computer networks of Marketwired L.P., PR Newswire Association LLC (PRN), and Business Wire (collectively, the “Newswire Companies”).
The hackers used a series of sophisticated cyber-attacks to gain access to the Newswire Companies’ computer networks.
Once in the computer networks, the hackers stole press releases about upcoming announcements by public companies concerning earnings, gross margins, revenues, and other confidential and material financial information.
At one point, one of the hackers sent an online chat message in Russian to another individual stating, “I’m hacking prnewswire.com.” In another online chat, the hackers stated that they had compromised the log-in credentials of 15 Business Wire employees.
To capitalize on this stolen information, the hackers shared the stolen press releases with Momotok and other traders through overseas servers. In a series of emails, the hackers provided the traders with credentials and instructions on how to access and use the overseas servers.
To assist the hackers steal the most valuable information, the traders created “shopping lists” or “wish lists” for the hackers listing desired upcoming press releases from Marketwired and PRN for publicly traded companies.
Once Momotok and the other traders received the stolen press releases, they used that information to execute trades ahead of the issuance of the press release. In order to execute trades before the press releases were made public, Momotok and the other traders sometimes had to execute trades in extremely short windows of time. Frequently, all of this illegal trading activity occurred on the same day.
Momotok and the other traders traded on stolen press releases containing material nonpublic information about publicly traded companies that included, among hundreds of others: Align Technology Inc.; Caterpillar Inc.; Hewlett Packard; Home Depot; Panera Bread Co.; and Verisign Inc.
Momotok and his co-conspirators’ gained more than $30 million from their illegal trades. In exchange for providing Momotok and the other traders with the stolen press releases, the hackers received a percentage of the illegal proceeds, which were transferred to them through foreign shell companies.