Federal authorities have charged nine people in connection with an elaborate trading scheme involving hackers from Ukraine and securities traders in the U.S. that generated more than $30 million dollars in illegal profits.
The federal indictments, unsealed today in New York and New Jersey, allege that hackers broke into three newswire companies to get early access to more than 150,000 confidential press releases — such as merger-and-acquisition announcements. This allowed the schemers to make trades on them before the deals became public.
Five people were arrested Tuesday, the Department of Justice said in a statement.
At a news conference Tuesday, the U.S. attorney for New Jersey, Paul Fishman, called the incident "a broad-ranging, cutting edge international scheme at the intersection of hacking and securities fraud."
According to court documents from federal prosecutors in New Jersey, approximately 800 trades were executed in advance of the press releases being distributed to the public.
"The Hacker Defendants then shared the Stolen Releases with, among others, the Trader Defendants using overseas computer servers. The Trader Defendants traded on the material nonpublic information contained in the Stolen Releases prior to their distribution to the investing public. The Trader Defendants paid the Hacker Defendants for access to the servers based, in part, on a percentage of how much money the Trader Defendants made trading ahead of the information contained in the Stolen Releases."
Federal authorities say defendants pilfered releases from Marketwired, Business Wire and PR Newswire starting as early as February 2010. They'd share the stolen materials by creating servers where others could access and analyze the unreleased news before companies disseminated to the public, according to the indictments.
The hackers allegedly even created a video that acted as a tutorial on how to gain access to those servers with the stolen materials.
The Wall Street Journal reports:
"The case may be the largest of its kind, these people said, and illustrates the increasingly bridged lines between cybertheft and traditional financial crimes. The alleged international plot unfolded in chat rooms in the dark web, where U.S. traders teamed with hackers in Eastern Europe to conspire on a new-fangled approach to insider trading."
The District of New Jersey indictment charges five members of the alleged hacking ring with 23 counts including conspiracy, securities fraud, wire fraud and money laundering. The Eastern District of New York charged the other four defendants with similar crimes.
The list of the companies whose statements were allegedly accessed by the hackers includes Clorox, Boeing, Caterpillar, DreamWorks, Hewlett-Packard and Viacom.