Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Businesses The Almighty Buck

How an International Hacker Network Turned Stolen Press Releases Into $100 million (theverge.com) 34

Isobel Koshiw, reporting for The Verge: At a Kiev nightclub in the spring of 2012, 24-year-old Ivan Turchynov made a fateful drunken boast to some fellow hackers. For years, Turchynov said, he'd been hacking unpublished press releases from business newswires and selling them, via Moscow-based middlemen, to stock traders for a cut of the sizable profits. Oleksandr Ieremenko, one of the hackers at the club that night, had worked with Turchynov before and decided he wanted in on the scam. With his friend Vadym Iermolovych, he hacked Business Wire, stole Turchynov's inside access to the site, and pushed the main Moscovite ringleader, known by the screen name eggPLC, to bring them in on the scheme. The hostile takeover meant Turchynov was forced to split his business. Now, there were three hackers in on the game.

Newswires like Business Wire are clearinghouses for corporate information, holding press releases, regulatory announcements, and other market-moving information under strict embargo before sending it out to the world. Over a period of at least five years, three US newswires were hacked using a variety of methods from SQL injections and phishing emails to data-stealing malware and illicitly acquired login credentials. Traders who were active on US stock exchanges drew up shopping lists of company press releases and told the hackers when to expect them to hit the newswires. The hackers would then upload the stolen press releases to foreign servers for the traders to access in exchange for 40 percent of their profits, paid to various offshore bank accounts. Through interviews with sources involved with both the scheme and the investigation, chat logs, and court documents, The Verge has traced the evolution of what law enforcement would later call one of the largest securities fraud cases in US history.

This discussion has been archived. No new comments can be posted.

How an International Hacker Network Turned Stolen Press Releases Into $100 million

Comments Filter:
  • At least, in the USA it is that way. Really all you need to do to know what's going to happen here is watch to see what top executives are doing with their stocks. If you can get advance notice on a CEO dumping stock, you'll be way ahead of the rest of the suckers.
    • Don't forget Congress. They tried to pass a bill to curtail insider trading among reps, it was watered down to homeopathic levels.

      • by Anonymous Coward

        Republican controlled Congress, yes. "The Swamp that aww shucks just can't seem to drain the felonies out"

        • by Anonymous Coward

          This idiot actually believes there are no rich Democrats in "public service."

      • Stop Trading On Congressional Knowledge? They passed that. I was subject to it for a brief period of several months.
        • by Anonymous Coward

          No, you weren't. It was watered down significantly within a week by another law and had you actually been subject to it you would know that.

    • A CEO or other top executive dumping stock ahead of a major announcement is called insider trading and illegal.

    • You can get advance notice, since at that level major stock sales are scheduled ahead of time and in many cases have to be cleared with the SEC. Of course, since it is all scheduled well ahead of time it generally has no impact on the stock price. Which is the point.
      • by thomn8r ( 635504 )
        The story isn't about news of stock sales, it's about selling not-yet-released news about the company in general that could move the market one way or the other.
    • by rtb61 ( 674572 )

      If you are a three letter espionage agency, working with off balance sheet hedge fund, and hack into companies where the press releases are being written, pondered over, edited and resubmitted for approval prior to release. You can get way ahead and afford an Island in the US Virgin Islands and never be prosecuted for insider trading, woo hoo. Those amateur Russians have got nothing on the professionals, no hint of prosecution for them and they are making much more.

  • The Wire (Score:4, Insightful)

    by A10Mechanic ( 1056868 ) on Thursday August 23, 2018 @02:25PM (#57182060)
    This was the plot of the movie "The Sting", with Robert Redford & Paul Newman. Mode of transmission may have changed though...
  • by PPH ( 736903 ) on Thursday August 23, 2018 @02:35PM (#57182110)

    ... in your newswire database.

    "GE To Declare Bankruptcy", "Lockheed Sold to Chinese", etc. Sit back and watch idiots buy fake info and lose billions.

    • please please please do this
    • This is actually the quasi-solution to a *lot* of problems. e.g.
      • If you've got a database full of your employee's info, populate it with made-up info for a bunch of fake employees. When you use the database, use some secret method to distinguish which employees are real (maybe the sum of their employee ID number and birthdate is divisible by 197). If you ever get hacked and the database is stolen, good luck to the hackers selling a database where 99.5% of the info is fake.
      • If you're a defense contractor
  • "For years, Turchynov said, he'd been hacking unpublished press releases from business newswires and selling them"

    Guessing an easily predictable sequencial URL number can hardly be called hacking now can it.
  • Investigating and prosecuting for hacking-schmacking is okay, but it isn't a remedy, it is an act of revenge. Unless the companies, which were careless enough to develop and deploy a defective product or don't have adequate training and operational policies to effectively mitigate phishing attacks are held responsible, the incentives are tilted the wrong way.

    Imagine what cars would have looked like if car companies were not responsible for the damage a defect in the car cost.

    Yet in 2018 my bank's online ser

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...