Advertisements

Insiders: International Hacking Scheme Rakes in $100 Million by Stealing Press Releases

oceans12cast

The SEC lawsuit named 17 individuals and 15 companies in the U.S. and abroad, in such places as Russia, France, Malta and Cyprus. Danny Ocean could not be reached for comment.

NEWARK, N.J. (AP) — In late October 2013, Panera Bread Co., the national chain of restaurants that specializes in healthy soups and baked goods, prepared a news release to announce it was adjusting its earnings expectations downward for the recently begun fourth quarter.

“The international hacking scheme allegedly raked in $100 million between 2010 and 2015. It is being called the biggest case of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is vulnerable to cybercrime.”

The release undoubtedly was one of many sent by publicly traded companies to business news services for publication.

“The defendants then used roughly 800 of those news releases to make trades before the information came out, exploiting a time gap ranging from hours to three days.”

This one was different, though. As an unsuspecting investing public awaited the announcement, federal authorities say a group comprising computer hackers and stock traders already had seen the release in the computer system of Marketwired, the Toronto business newswire.

spy-data-nsa-gop-nro

“Authorities said that beginning in 2010 and continuing as recently as May, they gained access to more than 150,000 press releases that were about to be issued by Marketwired; PR Newswire in New York; and Business Wire of San Francisco. The press releases contained earnings figures and other corporate information.”

Using the crucial information in the release, the group allegedly made $17 million worth of trades and orders betting Panera’s stock would lose value once the news went public. They were correct, and for their efforts walked away with nearly $1 million in profit, according to a criminal indictment unsealed Tuesday against nine people in the U.S. and Ukraine.

“It is being called the biggest case of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is vulnerable to cybercrime.”

The international hacking scheme allegedly raked in $100 million between 2010 and 2015. It is being called the biggest case of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is vulnerable to cybercrime.

United States Secretary of Homeland Security Jeh Johnson, center, speaks during a news conference in Newark, N.J., Tuesday, Aug. 11, 2015. An international group of hackers and stock traders made $30 million by breaking into the computers of newswire services that put out corporate press releases and trading on the information before it was made public, federal prosecutors said Tuesday. (AP Photo/Seth Wenig)

United States Secretary of Homeland Security Jeh Johnson, center, speaks during a news conference in Newark, N.J., Tuesday, Aug. 11, 2015. (AP Photo/Seth Wenig)

“Perhaps even more alarming was the assertion by prosecutors that much of the group’s ability to illegally tap into the news services’ computer systems came via ‘phishing,’ a well-known practice in which hackers send an email with a seemingly innocuous link that, if clicked on, can eventually lead to the divulging of the user’s login and password information.”

The Securities and Exchange Commission also brought civil charges against the nine plus 23 other people and companies in the U.S. and Europe.

“Every employee of every company has to be vigilant about the emails they get from people who look like their friends or acquaintances, urging them to click on a link. They should say to themselves every time that happens,`That seems like a really bad idea.'”

— Paul Fishman, U.S. attorney for New Jersey

The case “illustrates the risks posed for our global markets by today’s sophisticated hackers,” SEC chief Mary Jo White said. “Today’s international case is unprecedented in terms of the scope of the hacking at issue, the number of traders involved, the number of securities unlawfully traded and the amount of profits generated.”

hackers

“The nine people indicted include two people described as Ukrainian computer hackers and six stock traders. Prosecutors said the defendants made $30 million from their part of the scheme.”

Authorities said that beginning in 2010 and continuing as recently as May, they gained access to more than 150,000 press releases that were about to be issued by Marketwired; PR Newswire in New York; and Business Wire of San Francisco. The press releases contained earnings figures and other corporate information.

“Today’s international case is unprecedented in terms of the scope of the hacking at issue, the number of traders involved, the number of securities unlawfully traded and the amount of profits generated.”

The defendants then used roughly 800 of those news releases to make trades before the information came out, exploiting a time gap ranging from hours to three days, prosecutors said. Read the rest of this entry »

Advertisements