- The Washington Times - Tuesday, August 11, 2015

American prosecutors say they’ve broken up an international insider trading ring fit for the cyber era, in which participants netted some $30 million by hacking press release distributors and profiting off of corporate news before it could be made public.

The Department of Justice announced Tuesday that nine people have been charged across two federal districts for their role in what the government says is “the largest scheme of its kind ever prosecuted.”

Five of the nine suspects were arrested earlier in the day in coordinated raids undertaken in Georgia and Pennsylvania, the DOJ said, including Vitaly Korchevsky, a 50-year-old Russian-born businessman who worked for Morgan Stanley before starting his own hedge fund in 2011.

International arrest warrants were issued for the four others, all of whom are thought to be overseas.

Prosecutors think hackers operating in Ukraine breached the computer systems of companies that publish corporate press releases, then passed the pilfered details along to traders who were primarily based in the U.S., according to the indictment.

The websites that had been compromised were those of PR Newswire Association LLC, Marketwired and Business Wire, the DOJ said, through methods ranging from brute force attacks and spear-phishing — or sending camouflaged malware to targets in the form of legitimate-looking emails — to exploiting vulnerabilities in the databases used by the distributors.

Cybercriminals were able to make off with more than 150,000 press releases during the course of the scheme, and they passed off news reports to traders concerning hundreds of companies ranging from Panera Bread and Boeing to Hewlett-Packard and Oracle, the DOJ said.

A laptop belonging to one of the defendants was seized in late 2012 and revealed to contain nearly 1,000 of the hacked press releases, according to the indictment, and evidence cited by prosecutors includes an excerpt from an online conversation between two of the defendants in which one told the other, in Russian, “I’m hacking prnewswire.com.”

Attacks against the press release distributors started in 2010, according to charging documents, and occurred as recently as last month.

“The hackers were relentless and they were patient,” Paul Fishman, U.S. attorney for the District of New Jersey, said Tuesday, adding that the defendants maintained access for “long stretches of time” in some cases in order to maximize their profits.

In one instance, authorities say, the hackers gained unauthorized access to a press release from Caterpillar Inc., the construction equipment manufacturer, containing an earnings report that would be published online later in the day.

In the few hours between when the report was provided to PR Newswire and made publicly available on the Web, prosecutors say the defendants and their co-conspirators purchased 3,800 shares in the company that were sold later in the day for a profit of roughly $648,000.

The same scam was done with another earnings report from Caterpillar the following quarter, that time generating more than $1 million for the defendants, authorities charge.

“This is the story of a traditional securities fraud scheme with a twist — one that employed a contemporary approach to a conventional crime,” said Diego Rodriguez, the assistant director of the FBI. “But just as criminals continue to develop relationships with one another in order to advance their objectives, the law enforcement community has developed a collaborative approach to fighting these types of crimes.”

According to David Fidler, a law professor and fellow at the Center for Applied Cybersecurity Research at the Indiana University Maurer School of Law, the scheme as outlined by federal prosecutors only further exemplifies a seemingly across-the-board inability to protect online assets from the reach of hackers.

“The case highlights something that is becoming all too familiar: that the continued, widespread vulnerabilities in corporate information systems contribute to the degradation of important national objectives, including privacy, the protection of intellectual property and, in this situation, the functioning of markets,” he said.

Besides Mr. Korchevsky, defendants Arkadiy Dubovoy, Igor Dubovoy, Leonid Momotok and Alexander Garkusha are in police custody. Ivan Turchynov, Oleksandr Ieremenko, Pavel Dubovoy and Vladislav Khalupsky are believed to be residing in Ukraine.

• Andrew Blake can be reached at ablake@washingtontimes.com.

Copyright © 2021 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.

Click to Read More and View Comments

Click to Hide