Two Ukrainian men have been charged for their roles in a large-scale, international conspiracy to hack into the Securities and Exchange Commissions (SEC) computer systems and profit by trading on critical information they stole, U.S. Attorney Craig Carpenito announced today.
In a 16-count indictment unsealed today Artem Radchenko, 27, and Oleksandr Ieremenko, 26, both of Kiev, Ukraine, are charged with securities fraud conspiracy, wire fraud conspiracy, computer fraud conspiracy, wire fraud, and computer fraud. The SEC also filed a civil complaint today charging Ieremenko along with several other individuals and entities.
The indictment alleges that Radchenko and Ieremenko hacked the SECs Electronic Data Gathering, Analysis and Retrieval (EDGAR) system and stole thousands of files, including annual and quarterly earnings reports containing confidential, non-public, financial information, which publicly traded companies are required to disclose to the SEC. The defendants and others then profited by selling access to the confidential info in these reports and trading on this stolen information prior to its distribution to the investing public.
To gain access to the SECs computer networks, the defendants used a series of targeted cyber-attacks, including directory traversal attacks, phishing attacks, and infecting computers with malware. Once the defendants had access to the test filings on the EDGAR system, they stole them by copying the test filings to servers they controlled. For example, between May 2016 and October 2016, the defendants extracted thousands of test filings from the EDGAR servers to a server they controlled in Lithuania. (Source: U.S. Department of Justice)