Ukraine: Cybercriminal Pleads Guilty in US$ 30 Million Trading Scheme

A Ukrainian cybercriminal was one of the first to be convicted in what has been called the largest known computer hacking and securities fraud scheme, a news release from the US Department of Justice said.

Screen_Shot_2016-05-17_at_3.18.30_PM.png(Photo Credit: Flickr)  Vadym Iermolovych pleaded guilty on charges of conspiracy to commit wire fraud, conspiracy to commit computer hacking and aggravated identity theft.

The conspirators, who included securities traders as well as hackers, hacked into the networks of Marketwired L.P., PR Newswire Association LLC, and Business Wire and stole press releases that contained hidden financial information, which they used to make insider trades, overall netting around US$ 30 million in illegal profit. Several others have been indicted, but Iermolovych’s guilty plea marked the first conviction of one of those accused of breaching the networks.

Iermolovych said that he hacked into the network of PRN in early 2013 after hacking into a social networking site to gain employee credentials, stole and sold press releases from Marketwired, and bought access into Business Wire as part of the conspiracy, the DOJ wrote.

The criminals are accused of accessing more than 150,000 releases, and used around 800 of them in order to facilitate trades before the information came out, the Telegraph reported. They sent the stolen releases to traders via overseas computer servers after using targeted cyber-attacks, which included “phishing” and SQL injection attacks, to get access to computer networks, according to the DOJ.

The traders often created wish lists of desired press releases, and passed along a cut of the profit after executing the trades. Overall, the cybercriminals took information from hundreds of companies, including Caterpillar Inc., Hewlett Packard and Home Depot.

Cybercrime is a hugely profitable industry, and is often well established in former Soviet states. An Estonian national was sentenced late last month for running a fraud scheme that infected more than four million computers across the world.