A Russian citizen who works for a cybersecurity company has been extradited to the United States, where he is charged with hacking the computer networks of two US filing agents used by several companies to file quarterly and annual earnings through the Securities and Exchange Commission (SEC) system.
Along with other conspirators, he made millions of dollars trading on material non-public information (MNPI) stolen from the two filing agents.
Stolen credentials used for access
In a press release on Monday, the Justice Department announced that 41-year-old Vladislav Klyushin was extradited to the United States from Switzerland, where he was arrested on March 21.
Klyushin was part of a larger group that used MNPI for at least two years, between January 2018 and September 2020, to trade in the securities of listed companies.
Four other Russians who have been charged but are currently at large have been identified as Ivan Ermakov, Nikolai Rumiantcev, Mikhail Vladimirovich Irzak, and Igor Sergeevich Sladkov.
The defendants used compromised employee credentials to access the targeted filing agents’ networks and view or download data on multiple companies’ earnings, including SEC filings and press releases.
According to FBI Special Agent BJ Kang, the break-ins were carried out over a VPN connection and the compromise of one of the two agents began in October 2017.
The intruders looked at documents from companies in various fields of activity, including IBM, Steel Dynamics, Avnet, Tesla, Box, Roku, Kohl’s Corporation, Datadog, Altra Industrial Motion Corp, and The Nielsen Company.
Because the individuals had information about a company’s performance before it became public, they allegedly acted on it and traded “appropriately on brokerage accounts held in their own name or on behalf of others,” according to an affidavit from FBI Special Agent BJ Kang, who specializes in financial crime investigations.
A pentester and a Russian GRU officer were involved
Of the five Russians accused, Klyushin, Ermakov and Rumiantcev worked for a Moscow-based IT company called M-13, which offers penetration testing and red team engagements that test an organization’s defense by simulating targeted attacks.
The three M-13 employees, who all held positions of deputy general manager, also offered securities services and charged investors 60% of the profits, the DoJ says.
According to the company’s website, M-13 customers include “the Administration of the President of the Russian Federation, the Government of the Russian Federation, federal ministries and departments, regional state executive bodies”.
The connection with the Russian government is deeper, however, as Ermakov is a former officer in the Russian General Intelligence Service (GRU), the country’s military intelligence agency.
If arrested, Ermakov also faces older charges related to hacking and influence efforts targeting the 2016 US election. He is also suspected of being involved in hacking and disinformation operations against international anti-doping agencies, sports associations and anti-doping officials.
According to charging documents, the scheme was very lucrative. In about a year, one of the defendants, Irzak, traded ahead of public announcements by about 150 companies with a 66% success rate.
Between December 2019 and August 2020, an account used by Irzak generated approximately $4.3 million in profits from illicit trading before earnings reports were announced by around 47 companies.
Klyushin faces a maximum sentence of five years in prison, three years of supervised release and a $250,000 fine for conspiracy to gain unauthorized access to computers and to commit wire fraud and securities fraud. The same maximum penalty applies to the hacking activity.
However, securities fraud and wire fraud each have a maximum penalty of 20 years in prison, three years of supervised release, and a fine of $250,000.