Hack­ers ac­cused of prof­it­ing off stolen re­leases


In late Oc­to­ber 2013, Pan­era Bread Co., the U.S. chain of restau­rants that spe­cial­izes in healthy soups and baked goods, pre­pared a news re­lease to an­nounce it was ad­just­ing its earn­ings ex­pec­ta­tions down­ward for the re­cently be­gun fourth quar­ter.

The re­lease un­doubt­edly was one of many sent by pub­licly traded com­pa­nies to busi­ness news ser­vices for pub­li­ca­tion.

This one was dif­fer­ent, though. As an un­sus­pect­ing in­vest­ing public awaited the an­nounce­ment, fed­eral author­i­ties say a group com­pris­ing com­puter hack­ers and stock traders al­ready had seen the re­lease in the com­puter sys­tem of Mar­ketwired, the Toronto busi­ness newswire.

Us­ing the cru­cial in­for­ma­tion in the re­lease, the group al­legedly made US$17 mil­lion worth of trades and or­ders bet­ting Pan­era’s stock would lose value once the news went public. They were cor­rect, and for their ef­forts walked away with nearly US$1 mil­lion in profit, ac­cord­ing to a crim­i­nal in­dict­ment un­sealed Tues­day against nine peo­ple in the U.S. and Ukraine.

The in­ter­na­tional hack­ing scheme al­legedly raked in US$100 mil­lion be­tween 2010 and 2015. It is be­ing called the big­gest case of its kind ever pros­e­cuted, and one that demon­strated yet another way in which the fi­nan­cial world is vul­ner­a­ble to cy­ber­crime.

The Se­cu­ri­ties and Ex­change Com­mis­sion also brought civil charges against the nine plus 23 other peo­ple and com­pa­nies in the U.S. and Europe.

The case “il­lus­trates the risks posed for our global mar­kets by to­day’s so­phis­ti­cated hack­ers,” SEC chief Mary Jo White said. “To­day’s in­ter­na­tional case is un­prece­dented in terms of the scope of the hack­ing at is­sue, the num­ber of traders in­volved, the num­ber of se­cu­ri­ties un­law­fully traded and the amount of prof­its gen­er­ated.”

The nine peo­ple in­dicted in­clude two peo­ple de­scribed as Ukrainian com­puter hack­ers and six stock traders. Pros­e­cu­tors said the de­fen­dants made US$30 mil­lion from their part of the scheme.

Author­i­ties said that be­gin­ning in 2010 and con­tin­u­ing as re­cently as May, they gained ac­cess to more than 150,000 press re­leases that were about to be is­sued by Mar­ketwired; PR Newswire in New York; and Busi­ness Wire of San Fran­cisco. The press re­leases con­tained earn­ings fig­ures and other cor­po­rate in­for­ma­tion.

The de­fen­dants then used roughly 800 of those news re­leases to make trades be­fore the in­for­ma­tion came out, ex­ploit­ing a time gap rang­ing from hours to three days, pros­e­cu­tors said.

‘Cau­tious with emails’

Per­haps even more alarm­ing was the as­ser­tion by pros­e­cu­tors that much of the group’s abil­ity to il­le­gally tap into the news ser­vices’ com­puter sys­tems came via “phish­ing,” a well-known prac­tice in which hack­ers send an email with a seem­ingly in­nocu­ous link that, if clicked on, can even­tu­ally lead to the di­vulging of the user’s lo­gin and pass­word in­for­ma­tion.

The case should sound a warn­ing for any­one who uses email in a work set­ting, Paul Fish­man, U.S. at­tor­ney for New Jersey, said Tues­day.

“Ev­ery em­ployee of ev­ery com­pany has to be vig­i­lant about the emails they get from peo­ple who look like their friends or ac­quain­tances, urg­ing them to click on a link,” Fish­man said. “They should say to them­selves ev­ery time that hap­pens, ‘That seems like a re­ally bad idea.’”

A strong earn­ings re­port or other pos­i­tive news can cause a com­pany’s stock to rise, while dis­ap­point­ing news can make it fall. The con­spir­a­tors typ­i­cally used the ad­vance in­for­ma­tion to buy stock op­tions, which are es­sen­tially a bet on the di­rec­tion a stock will move, author­i­ties said.

The hack­ers were rou­tinely paid a cut of the prof­its, pros­e­cu­tors con­tended.

Five de­fen­dants were

ar­rested in the U.S. on Tues­day, and war­rants were is­sued for four oth­ers in Ukraine.

Among those charged were Pavel, Igor and Arkadiy Dubovoy. Author­i­ties said they are re­lated but didn’t say how. Arkadiy and Igor were ar­rested at their homes in Al­pharetta, Ge­or­gia. Pavel was be­lieved to be in Ukraine.

It wasn’t im­me­di­ately known whether the de­fen­dants had at­tor­neys.

Busi­ness Wire said it has hired a cy­ber­se­cu­rity firm to test its sys­tems and make sure they are pro­tected. PR Newswire said it is co­op­er­at­ing with the in­ves­ti­ga­tion, and added: “We take se­cu­rity very se­ri­ously and are ded­i­cated to pro­tect­ing our in­for­ma­tion and sys­tems.” Marketwire did not im­me­di­ately re­spond to a re­quest for com­ment.

The hacker group made more than US$600,000 by trad­ing the stock of Cater­pil­lar Inc. in 2011 af­ter get­ting an ad­vance look at a news re­lease that said the heavye­quip­ment maker’s prof­its were up 27 per­cent, ac­cord­ing to the in­dict­ment.

Sim­i­larly, the group made more than US$1.4 mil­lion trad­ing stock in Sil­i­con Val­ley’s Align Tech­nol­ogy in 2013 ahead of a press re­lease that said rev­enue had climbed more than 20 per­cent, the in­dict­ment said.

The most se­ri­ous charges in the in­dict­ment, wire fraud and se­cu­ri­ties fraud, carry up to 20 years in prison.

The SEC law­suit named 17 in­di­vid­u­als and 15 com­pa­nies in the U.S. and abroad, in such places as Rus­sia, France, Malta and Cyprus. The agency is seek­ing un­spec­i­fied fines and resti­tu­tion against the 32 de­fen­dants.


(Above) A poster board de­tail­ing an in­sider trad­ing scam in­volv­ing hack­ing is dis­played at the start of a news con­fer­ence in Ne­wark, New Jersey, Tues­day, Aug. 11. (Right) U.S. Se­cret Ser­vice Di­rec­tor Joseph Clancy, cen­ter, speaks dur­ing a news con­fer­ence in Ne­wark, Tues­day.

Newspapers in English

Newspapers from Taiwan

© PressReader. All rights reserved.