The owner of a Russian penetration-testing company has been found guilty of being part of an elaborate scheme that netted $90 million after stealing SEC earning reports.
For nearly three years, 42-year-old Vladislav Klyushin - the owner of Moscow-based cybersecurity firm M-13 - and his co-conspirators had hacked into two US-based filing agents used by publicly-traded American companies to file earning reports to the Securities and Exchange Commission.
As a Department of Justice press release explains, the earning reports contained sensitive corporate information that allowed the hackers to make millions of dollars through insider trading - before the information the reports contained became public knowledge.
"Armed with this information before it was disclosed to the public, Klyushin, and his co-conspirators knew ahead of time, among other things, whether a company's financial performance would meet, exceed or fall short of market expectations – and thus whether its share price would likely rise or fall following the public earnings announcement."
Specifically, Klyushin and his co-conspirators are said to have stolen login credentials and exploited vulnerabilities to plant malware that allowed them to view and download non-public quarterly and annual earnings reports from hundreds of companies that had not yet been disclosed to the general public or filed with the SEC.
Companies whose earning reports were illegally obtained included Tesla, Roku, and Snap.
Additionally, Klyushin ran a "hack-to-trade" scheme that took money from others for share trading, keeping 60% of the profits for himself.
Klyushin, who is estimated to have personally made over $38 million from the scheme, was arrested in Switzerland in March 2021 and subsequently extradited to the United States. He is scheduled to be sentenced on May 4, 2023.
Four of Klyushin's co-conspirators - Ivan Ermakov, Nikolai Rumiantcev, Mikhail Vladimirovich Irzak, and Igor Sergeevich Sladkov - remain at large.
As far back as 2015, the SEC was warning that "failures in cybersecurity have prompted a dangerous, new method of unlawful insider trading."
Clearly, the threat remains very real.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.