Russian Cyber Exec Extradited After Alleged Trading Conspiracy

A Russian cybersecurity executive has been extradited to the US for his alleged role in a conspiracy to steal sensitive non-public information to make illegal trades.

Vladislav Klyushin, 41, of Moscow, was arrested in Sion, Switzerland in March and arrived in the US last weekend. He’s charged with conspiring to obtain unauthorized access to computers, and to commit wire fraud and securities fraud, and with obtaining unauthorized access to computers, wire fraud and securities fraud.

His alleged co-conspirators, Ivan Ermakov, 35, and Nikolai Rumiantcev, 33, both of Moscow, and Mikhail Vladimirovich Irzak, 43, and Igor Sergeevich Sladkov, 42, both of St. Petersburg, are still at large.

As deputy general director, Klyushin worked alongside Ermakov and Rumiantcev at Moscow-based pen testing and APT emulation firm M-13.

Between January 2018 and September 2020, Klyushin, Ermakov, Irzak, Sladkov and Rumiantcev are alleged to have made tens of millions of dollars from illegal trading based on material non-public information about corporate earnings, in advance of financial results being published.

They are said to have obtained this information by hacking the networks of two US filing agents used by companies to make quarterly and annual SEC filings.

According to court documents, they first harvested employee log-ins at these two companies using proxy networks outside of Russia to disguise their location. This enabled them to gain access to the filing companies’ networks and download sensitive info on hundreds of NASDAQ and NYSE-listed firms.

It allowed them to purchase securities on companies about to disclose positive financials and sell short on those who were due to post negative results.

To further hide their identities, the quartet are said to have registered email addresses and subscribed to payment systems in others’ names. Trading was distributed across accounts in European, US and Russian banks.

M-13 names the Russian government and President’s administration among its clients. Another tie with the Kremlin is Ermakov, who is apparently a former officer in the Russian Main Intelligence Directorate (GRU), charged in 2018 for hacking and disinformation efforts linked to the 2016 US election.

What’s Hot on Infosecurity Magazine?