Russian hackers appear to have found a new way to get their hands on inside information to profit on stock trades. Rather than hack the actual companies, they allegedly targeted two firms — with which thousands of public companies use to make electronic filings — for market-moving information, prosecutors say.
Recently unsealed indictments in Boston’s federal court claim a group led by Russian cybersecurity executive Vladislav Klyushin — who has ties to the Kremlin — stole inside information and made over $82 million by trading ahead of unreleased announcements, according to a report by Barron’s magazine.
A police officer patrols at the Zaryadye park with the Kremlin’s Spasskaya tower and St. Basil’s Cathedral on the background in central Moscow on June 29, 2020. (Photo by Yuri KADOBNOV / AFP) (Photo by YURI KADOBNOV/AFP via Getty Images)
Described as “one of the largest hackings of inside information on stocks ever charged,” the Klyushin group got their hands on inside information regarding Tesla, Microsoft, IBM, as well a more than 165 other companies.
Elon Musk of Tesla (Getty/Peter Parks)
While documents from the Department of Justice, and a civil case by the Securities and Exchange Commission (SEC), conceal the names of the two firms, the SEC describes “Servicer A” as a Chicago-based company, and “Servicer B” as a division of a foreign company.
Barron’s, however, says it was able to identify “Servicer A” as Donnelley Financial Solutions, and “Servicer B” as the Toppan Merrill unit of Japan’s Toppan.
According to prosecutors, the Klyushin hackers stole computer passwords from the filing agents’ employees, and then wandered through the firms’ networks from 2017 through 2020 to steal copies of more than 500 unannounced earnings drafts.
Klyushin was arrested in Switzerland late last year and extradited to the U.S., where he pleaded not guilty at his January 8 arraignment. U.S. Magistrate Judge Marianne Bowler declined to release him on bail. Meanwhile, Klyushin’s co-defendants remain at large.
While Donnelley Financial did not respond to the magazine’s request for comment, Toppan Merrill acknowledged that it is one of the filing firms described in the indictments.
“Toppan Merrill has been cooperating fully with government authorities in support of their investigations in this matter,” the company’s general counsel Lisa Bilcik told Barron’s. “We have communicated with the limited set of customers whose information was allegedly accessed and used in the illegal trading scheme.”
One of the four co-defendants who remains at large is 35-year-old Ivan Yermakov, who worked for Klyushin’s Moscow-based cybersecurity firm, M-13, according to prosecutors.
Yermakov is also a veteran of a Russian military intelligence agency known as GRU. While at GRU, Yermakov hacked the Democrat Party’s computers, as well as Hillary Clinton’s campaign, ahead of the 2016 elections, according to a 2018 federal indictment.
A second 2018 indictment charged Yermakov with hacking several other entities, including anti-doping agencies and officials, sports federations, the nuclear reactor unit of Westinghouse Electric, the international agency against chemical weapons, and a lab that had investigated suspected Russian poisonings in the United Kingdom.
The M-13 cybersecurity firm’s website lists clients that include Russian government agencies and the office of Russian President Vladimir Putin. In June 2020, Putin awarded Klyushin a national medal of honor.
You can follow Alana Mastrangelo on Facebook and Twitter at @ARmastrangelo, and on Instagram.
COMMENTS
Please let us know if you're having issues with commenting.