Vitaly Korchevsky, former trade fund manager, and Vladislav Khalupsky, securities trader, recently participated in a huge scheme which made $30 million off of trading stolen press release information. The Department of Justice (DOJ) announced last week that information was illegally obtained from major newswires prior to distribution. Korchevsky and Khalupsky are just two of the most recently convicted defendants in the case.
The two were convicted in federal court on July 6th in Brooklyn, New York. This will be followed by a four-week-trial. The defendants are each looking at a possible maximum prison sentence of twenty years. The were found guilty of conspiracy to commit wire fraud, conspiracy to commit money laundering, conspiracy to commit securities fraud and computer intrusion, and two counts of security fraud. Both the defendants were using stoel press releases to trade on non-public information prior to its scheduled release, in order to make millions of dollar off the operations; per report of the DOJ.
Vitaly and Vladislav worked with several other cybercriminals in order to hack major newswires and steal their information. Once they obtained the data, including non-public financial information, they traded in the stock market. They were able to gain such high numbers of illicit profit because the secret information was not yet publicly released elsewhere, and in some cases was not scheduled to release any time soon. They had collected tens of thousands of documents to trade.
The nine charged defendants resided in the United States and the Ukraine. Between February 2010, and August 2015, hackers Ivan Turchynov and Oleksandr Ieremenko broke into major networks like: Marketwired, PR Newswire, and Businesswire. They were two of the nine defendants that worked in relation to this long lasting operation. They were found in August 2015, when Korchevsky and Khalupsky were first charged. As of now, all nine defendants have pleaded guilty, or have been convicted at trial. The seven “trader defendants” are: Arkadiy Dubovoy, Igor Dubovoy, Pavel Dubovoy, Vitaly Korchevsky, Vladislav Khalupsky, Aleksandr Garkusha, and Leonid Momotok. Hackers Turchynov and Ieremenko were paid off by the others for their work with whatever money they gained at that time. They were often paid through the use of shell companies, an inactive company used for financial maneuvers in order to keep hidden.
The hackers gained access to Marketwired itself in 2010 and stole data using reverse shells. They had broken into PR Newswire several times in that same year, as well as 2011 and 2013. They stole data from Business Wire, and gained access into their system by the use of brute force, involving the illegitimate use of 15 employees credentials.
In total, they accessed more than 100,000 press releases on news earnings, revenues, and other forms of protected data within the prolonged five-year operation. Companies who had their private information shared include: CA Technologies, Caterpillar Inc, Align Technology, Hewlett Packard, Home Depot, Panera Bread, and Verisign.
The findings were spread through a network of global traders that use secure email exchanges and computer servers which are located overseas. Investigators noticed spurts of trading activity just before their publication release, because there was a small pause in time between the traders receiving the stolen information, and it being published.
Investigators found that Korchevsky and Khalupsky tried hiding their trading activity through the use of seperate phones, computers, hotspots, and the regular deletion of emails. They also destroyed any hardware that contained evidence, and sent all illegal profits to offshore shell companies.