Russian hackers made millions by stealing SEC earning reports
Threat actors steal $80 million per month with fake giveaways, surveys
Log4j vulnerability now used to install Dridex banking malware
US returns $154 Million in bitcoins stolen by Sony employee
PYSA ransomware behind most double extortion attacks in November
New Dell BIOS updates cause laptops and desktops not to boot
2easy now a significant dark web marketplace for stolen data
800K WordPress sites still impacted by critical SEO plugin flaw
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets

A Russian national working for a cybersecurity company has been extradited to the U.S. where he is being charged for hacking into computer networks of two U.S.-based filing agents used by multiple companies to file quarterly and annual earnings through the Securities and Exchange Commissions (SEC) system.
Along with other conspirators, the individual made millions of U.S. dollars by trading on the material non-public information (MNPI) stolen from the two filings agents.
In a press release on Monday, the Department of Justice announced that 41-year old Vladislav Klyushin has been extradited to the U.S. from Switzerland, where he had been arrested on March 21.
“Klyushin is charged with conspiring to obtain unauthorized access to computers, and to commit wire fraud and securities fraud, and with obtaining unauthorized access to computers, wire fraud and securities fraud” – the U.S. Department of Justice
Klyushin was part of a larger group that used MNPI for trading in the securities of publicly traded companies for at least two years, between January 2018 and September 2020.
Four other Russians that have been charged but are currently at large, have been identified as Ivan Ermakov, Nikolai Rumiantcev, Mikhail Vladimirovich Irzak, and Igor Sergeevich Sladkov.
The defendants used compromised employee credentials to access the networks of the targeted filing agent and view or download data related to earnings of multiple companies, including SEC filings and press releases.
According to FBI Special Agent B.J. Kang, the intrusions were carried out through a VPN connection and the compromise of one of the two filing agents started in October 2017.
The intruders looked at documents from companies in various sectors of activity, among them being: IBM, Steel Dynamics, Avnet, Tesla, Box, Roku, Kohl’s Corporation, Datadog, Altra Industrial Motion Corp, The Nielsen Company.
Having information about a company’s performance before it became public, the individuals allegedly acted on it and “traded accordingly, in brokerage accounts held in their own names or in the names of others,” reads an affidavit from FBI special agent BJ Kang, specialized in investigating financial crimes.
Of the five Russians charged, Klyushin, Ermakov, and Rumiantcev worked for a Moscow-based IT company called M-13, which provides penetration testing services and red team engagements, which test the defenses of an organization by simulating targeted attacks.
The three M-13 employees, all of them holding deputy general director positions, also offered investment services, asking investors 60% of the profit, the DoJ says.
According to the company website, among M-13’s customers are “the Administration of the President of the Russian Federation, the Government of the Russian Federation, federal ministries and departments, regional state executive bodies.”
The connection with the Russian government, however, is deeper than this as Ermakov is a former officer in the Russian Main Intelligence Directorate (GRU), the country’s military intelligence agency.
If arrested, Ermakov also faces older charges related to hacking and influence efforts targeting the 2016 U.S. elections. Furthermore, he is suspected to have played a part in hacking and disinformation operations regarding the international anti-doping agencies, sporting federations, and anti-doping officials.
As per charging documents, the scheme was very lucrative. In about a year, one of the defendants, Irzak, traded ahead of public announcements of about 150 companies with a success rate of 66%.
Between December 2019 and August 2020, one account used by Irzak generated profits of about $4.3 million from illegally trading ahead of earnings announcements of around 47 companies.
Klyushin is risking a maximum penalty of five years in prison, three years of supervised release, and a $250,000 fine for conspiring to get unauthorized access to computers, wire fraud, and securities fraud charges. The same maximum sentence is for the hacking activity.
Securities fraud and wire fraud, however, each carries a maximum sentence of 20 years in prison, three years of supervised release, and a $250,000 fine.
Russia arrests cybersecurity firm CEO after raiding offices
Ukraine arrests 51 for selling data of 300 million people in US, EU
Alleged ransomware affiliate arrested for healthcare attacks
Tor’s main site blocked in Russia as censorship widens
Google disrupts massive Glupteba botnet, sues Russian operators
Not a member yet? Register Now
Microsoft warns of easy Windows domain takeover via Active Directory bugs
Log4j vulnerability now used to install Dridex banking malware
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


You May Also Like

Google will kill Chrome sync support on Chrome 48 and earlier

State hackers breach defense, energy, healthcare orgs worldwideMediaMarkt hit by Hive ransomware,…

FBI warns of increased use of cryptocurrency ATMs, QR codes for fraud

Ukraine links members of Gamaredon hacker group to Russian FSBSamsung Galaxy S21…

McMenamins breweries hit by a Conti ransomware attack

Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flawsNew ransomware now…

As Twitter removes blue badges for many, phishing targets verified accounts

Convincing Microsoft phishing uses fake Office 365 spam alertsMicrosoft reverses Windows 11’s…