Alleged SEC Hackers Charged in Insider Trading Conspiracy

Written by

Two Ukrainian nationals have been charged with hacking into the Securities and Exchange Commission (SEC) and stealing sensitive information for use in insider trading.

Artem Radchenko, 27, and Oleksandr Ieremenko, 26, both from Kiev, were charged with 16 counts including securities fraud conspiracy, wire fraud conspiracy, computer fraud conspiracy, wire fraud and computer fraud.

They’re alleged to have targeted the SEC’s Electronic Data Gathering, Analysis and Retrieval (EDGAR) system, which stores documents related to company disclosures including test filings made before announcements go public.

These filings often contain information similar to that of the official final filing, meaning the two alleged hackers could get their hands on sensitive info before it went public to gain an advantage on the markets.

They’re alleged to have used a variety of tactics to obtain unauthorized access to the EDGAR servers, including directory traversal, phishing and malware. They’re then said to have copied the information to a server in Lithuania.

The Ukrainians recruited traders to their scheme, who used the stolen information to make over $4m in profits, according to the Department of Justice.

For example, they’re alleged to have bought up $2.4m worth of shares in a public company based on information contained in a stolen test filing about its upcoming financials. They then sold these shares for a $270,000 profit over the next day after the company announced it expected record earnings for 2016.

“The defendants allegedly orchestrated sophisticated computer intrusions to steal non-public information from the SEC, compromising the integrity of the market and depriving honest investors of a level playing field,” said assistant attorney general Brian Benczkowski. “The Department of Justice will aggressively pursue and prosecute those who attack our financial markets and seek to profit unfairly, no matter where such offenders reside.”

The charges carry a potential maximum sentence of 25 years behind bars and $500,000 fine, or twice the gain or loss from the relevant offenses.

Ieremenko has been in trouble before, charged in 2015 for his part in an international conspiracy to hack and steal non-public sensitive market information from three newswire organizations, using the same techniques.

A total of 10 defendants have been charged as part of the latest conspiracy.

What’s hot on Infosecurity Magazine?