Hacking & Securities Fraud

Nine individuals have been charged by the United States Department of Justice (DOJ) with hacking into three separate newswires, stealing yet-to-be-published press releases, and passing this stolen information to approximately two dozen individuals who then traded on the bulletins before their public release.
The SEC’s charges are on top of wire fraud conspiracy and other charges announced by the U.S. Department of Justice on Tuesday. The nine DOJ defendants also face SEC charges. The other SEC defendants are eight people and 15 companies.

“The defendants were a well-organized group that allegedly robbed the newswire companies and their clients and cheated the securities markets and the investing public by engaging in an unprecedented hacking and trading scheme,” U.S. Attorney Fishman said. “The defendants launched a series of sophisticated and relentless cyber attacks against three major newswire companies, stole highly confidential information and used to enrich themselves at the expense of public companies and their shareholders.”

Between February 2010 and August 2015, Turchynov and Ieremenko, computer hackers based in Ukraine, gained unauthorized access into the computer networks of Marketwired L.P., PR Newswire Association LLC (PRN), and Business Wire. They used a series of sophisticated cyber attacks to gain access to the computer networks. The hackers moved through the computer networks and stole press releases about upcoming announcements by public companies concerning earnings, gross margins, revenues, and other confidential and material financial information.

At one point, one of the hackers sent an online chat message in Russian to another individual stating, “I’m hacking prnewswire.com.” In another online chat, Ieremenko told Turchynov that he had compromised the log-in credentials of 15 Business Wire employees.

Using proxy servers to mask their identities, Turchynov and Ieremenko posed as legitimate newswire employees and customers in order to conceal their intrusions, which may have included the installation of malware onto PR Newswire’s servers and the theft of login credentials from Business Wire. The hackers also made instructional videos showcasing their exploits as means to recruit traders.

Following the completion of a successful hack, Turchynov and Ieremenko passed their stolen information along to associates based in the United States, the Ukraine, Russia, Malta, Cyprus, and France via the creation of a secret web-based location. Those recipients then used the releases to place illicit trades in stocks and other trading options on a variety of companies, including Panera Bread, Boeing, Hewlett-Packard, and Oracle.

It is currently unclear how authorities initially detected the hacking and trading scheme. SEC Chairman Mary Jo White has revealed that investigators sorted through millions of trades and thousands of earnings releases for suspicious transaction patterns. This effort ultimately led to the involvement of six federal agencies in the investigation.

The Federal Bureau of Investigation arrested five of the original nine defendants earlier this month. Four others, including Turchynov and Ieremenko, are believed to be in Ukraine, where international warrants have been issued for their arrest, officials said.