How an International Hacker Network Turned Stolen Press Releases Into $100 million

Isobel Koshiw, reporting for The Verge: At a Kiev nightclub in the spring of 2012, 24-year-old Ivan Turchynov made a fateful drunken boast to some fellow hackers. For years, Turchynov said, he'd been hacking unpublished press releases from business newswires and selling them, via Moscow-based middlemen, to stock traders for a cut of the sizable profits. Oleksandr Ieremenko, one of the hackers at the club that night, had worked with Turchynov before and decided he wanted in on the scam. With his friend Vadym Iermolovych, he hacked Business Wire, stole Turchynov's inside access to the site, and pushed the main Moscovite ringleader, known by the screen name eggPLC, to bring them in on the scheme. The hostile takeover meant Turchynov was forced to split his business. Now, there were three hackers in on the game.

Newswires like Business Wire are clearinghouses for corporate information, holding press releases, regulatory announcements, and other market-moving information under strict embargo before sending it out to the world. Over a period of at least five years, three US newswires were hacked using a variety of methods from SQL injections and phishing emails to data-stealing malware and illicitly acquired login credentials. Traders who were active on US stock exchanges drew up shopping lists of company press releases and told the hackers when to expect them to hit the newswires. The hackers would then upload the stolen press releases to foreign servers for the traders to access in exchange for 40 percent of their profits, paid to various offshore bank accounts. Through interviews with sources involved with both the scheme and the investigation, chat logs, and court documents, The Verge has traced the evolution of what law enforcement would later call one of the largest securities fraud cases in US history.

Re:

[cheesybagel]

Actually the man himself said the stock price was too high. So at least he's lucid enough for that.
What he doesn't appreciate is the turbulence of the stock market with his stock.

Only illegal if "executive" is not in your title

[damn_registrars]

At least, in the USA it is that way. Really all you need to do to know what's going to happen here is watch to see what top executives are doing with their stocks. If you can get advance notice on a CEO dumping stock, you'll be way ahead of the rest of the suckers.

Re: Only illegal if "executive" is not in your tit

[Anonymous Coward]

Don't forget Congress. They tried to pass a bill to curtail insider trading among reps, it was watered down to homeopathic levels.

Re:

[Anonymous Coward]

Republican controlled Congress, yes. "The Swamp that aww shucks just can't seem to drain the felonies out"

Re:

[Anonymous Coward]

This idiot actually believes there are no rich Democrats in "public service."

Re:

[bluefoxlucid]

Stop Trading On Congressional Knowledge? They passed that. I was subject to it for a brief period of several months.

Re:

[Anonymous Coward]

No, you weren't. It was watered down significantly within a week by another law and had you actually been subject to it you would know that.

Re:

[Quince alPillan]

A CEO or other top executive dumping stock ahead of a major announcement is called insider trading and illegal.

Re: Only illegal if "executive" is not in your tit

[Anonymous Coward]

Someone mod to +5 funny. Funniest shit I heard all week.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Quince alPillan]

Even if someone commits a crime, you still need to have someone willing to prosecute it and prove that someone actually committed a crime.

Re:

[cheesybagel]

Don't forget the Intel Capital/AMD fiasco back when Hector Ruiz was President of AMD.

Re:

[cheesybagel]

https://www.cbsnews.com/news/g... [cbsnews.com]

Re:Only illegal if Legislator isn't in your title

[PPH]

FTFY

Re:

[jbmartin6]

You can get advance notice, since at that level major stock sales are scheduled ahead of time and in many cases have to be cleared with the SEC. Of course, since it is all scheduled well ahead of time it generally has no impact on the stock price. Which is the point.

Re:

[thomn8r]

The story isn't about news of stock sales, it's about selling not-yet-released news about the company in general that could move the market one way or the other.

Re:

[rtb61]

If you are a three letter espionage agency, working with off balance sheet hedge fund, and hack into companies where the press releases are being written, pondered over, edited and resubmitted for approval prior to release. You can get way ahead and afford an Island in the US Virgin Islands and never be prosecuted for insider trading, woo hoo. Those amateur Russians have got nothing on the professionals, no hint of prosecution for them and they are making much more.

The Wire

[A10Mechanic]

This was the plot of the movie "The Sting", with Robert Redford & Paul Newman. Mode of transmission may have changed though...

Re:

[Mr. Dollar Ton]

It was a minor subplot of "The Count of Monte Cristo", a book written in 1844.

Plant fake info ...

[PPH]

... in your newswire database.

"GE To Declare Bankruptcy", "Lockheed Sold to Chinese", etc. Sit back and watch idiots buy fake info and lose billions.

Re:

[originalGMC]

please please please do this

Re:

[Solandri]

This is actually the quasi-solution to a *lot* of problems. e.g.

• If you've got a database full of your employee's info, populate it with made-up info for a bunch of fake employees. When you use the database, use some secret method to distinguish which employees are real (maybe the sum of their employee ID number and birthdate is divisible by 197). If you ever get hacked and the database is stolen, good luck to the hackers selling a database where 99.5% of the info is fake.
• If you're a defense contractor

Re:

[PPH]

In the UAL case, many of the people who profited or got hurt were innocent. Stupid, for not checking out the story. My idea is to leave an unreleased story somewhere that only would be read by people stealing press releases. But in the latter case, it's more likely to fool the greedy as they don't have second sources for the news they acquired.

Turchynov hacking press releases for years

[najajomo]

"For years, Turchynov said, he'd been hacking unpublished press releases from business newswires and selling them"

Guessing an easily predictable sequencial URL number can hardly be called hacking now can it.

Where is the responsibility for the software bugs?

[Mr. Dollar Ton]

Investigating and prosecuting for hacking-schmacking is okay, but it isn't a remedy, it is an act of revenge. Unless the companies, which were careless enough to develop and deploy a defective product or don't have adequate training and operational policies to effectively mitigate phishing attacks are held responsible, the incentives are tilted the wrong way.

Imagine what cars would have looked like if car companies were not responsible for the damage a defect in the car cost.

Yet in 2018 my bank's online ser