Prosecutors have revealed the details of a scheme that saw stock traders and hackers team up to make as much as $100m (£64m) in illegal profits over five years.
Charges were brought against nine people in an insider-trading case that involved the use of 150,000 press releases stolen from distributors Business Wire, Marketwired and PR Newswire before they were made public to make trades ahead of the curve.
The group consists of mainly US-based stock traders and Ukrainian hackers and police arrested five in the USA yesterday, while international arrest warrants were issued for the other four.
“This is the story of a traditional securities fraud scheme with a twist – one that employed a contemporary approach to a conventional crime,” Diego Rodriguez, FBI assistant director-in-charge, said at a news conference.
Prosecutors said the Ukraine-based hackers were given ‘shopping lists’ of press releases containing sensitive corporate information by the traders, which they then stole in return for a portion of the profits from trades based on them.
An indictment in Brooklyn charged four traders: Vitaly Korchevsky, 50, a former hedge fund manager from Pennsylvania; Vladislav Khalupsky, 45, of Brooklyn and Odessa, Ukraine; and Leonid Momotok, 47 and Alexander Garkusha, 47, of the US state of Georgia. The charges included securities fraud, wire fraud and money laundering conspiracy.
Another indictment made public in New Jersey charged Ivan Turchynov, 27, and Oleksandr Ieremenko, 24, alleged hackers who live in Ukraine; Pavel Dubovoy, 32, a trader from Ukraine; and Arkadiy Dubovoy, 51, and his son Igor Dubovoy, 28, traders from Georgia.
Arkadiy Dubovoy and Igor Dubovoy appeared in federal court in Atlanta, while Momotok and Garkusha made court appearances in nearby Gainesville. All four were scheduled to be in court again on Thursday. Korchevsky appeared without a lawyer in federal court in Philadelphia.
Online chats quoted in one indictment detailed Ieremenko telling Turchynov on March 25, 2012, that he had “bruted” the log-in credentials of 15 Business Wire employees, and telling an unidentified recipient in Russian on October 10, 2012, that “I’m hacking prnewswire.com.”
Securities and Exchange Commission (SEC) chair Mary Jo White said those charged “went to great lengths to evade detection”, but investigators found the traders used technology that identified both suspicious trading and relationships among traders. The search required the SEC to sort through millions of traders, thousands of earnings announcements and gigabytes of data on IP addresses.
The nine defendants were indicted on charges that they made $30m in illegal profits starting around February 2010, but a related civil lawsuit brought by the SEC has charged 17 more people and 15 corporate entities and said that thefts of inside information resulted in more than $100m in illegal profit.
The SEC said the network included traders in New York, Cyprus, France, Malta and Russia. It is seeking civil penalties, and has already obtained court-ordered asset freezes.
“This case illustrates how cyber criminals and those who commit securities fraud are evolving and becoming more sophisticated,” US Attorney Paul Fishman in New Jersey said at the news conference. “The hackers were relentless and they were patient.”
Fishman said the distributors, who were not charged with wrongdoing, provided “fabulous cooperation” in the probe.