The SEC this week announced it was charging 32 defendants with securities fraud for enacting an intricate scheme that stole nonpublic information about corporate earnings announcements.
The charged men included two Ukrainian men based in the US. They allegedly hacked into news release services to obtain the nonpublic earnings information. Thirty others outside the US allegedly traded on that stolen information. The scheme may have generated more than $100 million in illicit profits.
The SEC complaint was unsealed on Aug. 11 and was filed in US District Court in New Jersey.
According to the SEC chair Mary Jo White, the alleged international hacking and illegal trading scheme was huge in scope, as far as the number of securities and traders involved. The profits, as much as $100 million, also were massive. Once the deception was uncovered, the assets of all involved were frozen.
Intricate, Five Year Scam Exposed
The SEC accuses two Ukrainian men, Ivan Turchynov and Oleksandr Ieremenko, with spearheading the plot. They apparently used highly advanced hacking tools to break into at least two newswire services. Then, they allegedly stole several hundred corporate earnings announcements before they were made public.
The SEC also claims that the two men devised a secret web-based hub where they transmitted this stolen data to traders based in Russia, Ukraine, Malta, Cyprus, France, as well as to traders in Georgia, Pennsylvania, and New York.
It is alleged that the traders used the stolen information in a very narrow window of opportunity to place illegal trades in stocks and options. Sometimes, they funneled some of the illegal profits to the two hackers. All of the information stolen involved companies that trade on the NASDAQ and NYSE.
SEC Director of the Division of Enforcement Andrew Ceresney said that the hacking plot was one of the most sophisticated ever devised, and spanned the globe, involving dozens of people and entities. Still, the SEC, with its cutting edge analytical tools that sniffs out illegal trading patterns, has show that the agency can unwind almost any trading scheme.
The two hackers hid their illegal activity by utilizing proxy servers to hide their identities. They posed as customers and also as newswire company employees. It is alleged that the hackers recruited traders for the illegal scheme by using a video that detailed how they can steal earnings information before it is made public.
The criminal complaint also charges that some of the traders paid hackers some of their profits, and sometimes gave them access to brokerage accounts to monitor the trades. It also states that the traders tried to hide their activity by setting up several accounts in several names. They funneled money to the two hackers through fake payments for building and construction goods.
Often Slipped Through Narrow Window of Opportunity
At times, the schemers had narrow windows of opportunity to score their profits. One time in May 2013, the traders and hackers allegedly made their move in a 35 minute period between the newswire receipt of information and the company announcement that the firm was revising earnings downward for that quarter. The SEC complaint charges that just minutes after the firm sent the confidential data to the news release company, the traders sold the stock short and sold CFDs. They made $511,000 in illegal profits when the company’s stock price fell after the announcement went public.
In another instance in 2010, Turchynov emailed 95 stolen news releases from PR Newswire under a subject line ‘fresh stuff.’ He sent that email in Russian and in the body, he wrote that ‘if he says he doesn’t know what this is about , tell him, ‘quarterly report.’’
In several emails, the hackers gave instructions on how to access illegal servers. The traders sent hackers so-called ‘shopping lists’ that detailed some of the press releases they wanted access to.
The criminal indictments describe some of the intricate hacking that was used. For example, the hackers allegedly used phishing to fool newswire employees to let them access the system. They also used advanced ‘brute force’ efforts to decrypt the data, and other ways to get access to the private press releases.
According to Murray Jennex, Professor of Information Systems at San Diego State University, the hacking done in this case was not that innovative; they actually are quite routine practices developed in the last five years.
Jennex added that the scheme shows that companies need to closely safeguard their internal communications. That way, they can detect signs of hacks that may have happened earlier. Many companies just focus on preventing new hacks from the outside.
The SEC criminal complaint charges all 32 defendants with violating antifraud laws, and also related SEC antifraud regulations. The agency seeks a final judgement that would order each person to pay penalties and to return all of their illegal profits with interest.
This case illustrates the efforts that the US government will go to uncover illegal trading activity that includes federal wire fraud and other serious financial crimes. US federal wire fraud laws focus on intentional deception to make illegal gains. Wire fraud involves using wire, television, radio, and/or Internet to engage in illegal schemes that involve deception and profits resulting from such deceptions.