Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Fraud & Identity Theft

Georgia Trader Admits to Role in Newswire Hacking Scheme

A stock trader from Suwanee, Georgia, pleaded guilty this week to conspiracy to commit wire fraud for his role in an international hacking and trading scheme that earned participants millions of dollars.

A stock trader from Suwanee, Georgia, pleaded guilty this week to conspiracy to commit wire fraud for his role in an international hacking and trading scheme that earned participants millions of dollars.

Leonid Momotok, 48, was part of a conspiracy that involved hacking into the systems of major newswire companies in an effort to steal press releases that had yet to be published. The press releases contained financial information that the fraudsters could leverage to make highly profitable trades.

The conspiracy to commit wire fraud charge carries up to 20 years in prison, but Momotok entered a plea agreement with the prosecution and will be sentenced to a maximum of nine years. Sentencing is scheduled for December.

According to authorities, Ukraine-based hackers broke into the systems of Marketwired, PR Newswire and Business Wire between February 2010 and August 2015 and stole as many as 150,000 press releases. The hackers sent press releases containing nonpublic financial information to several traders who quickly monetized it.

A civil case filed by the U.S. Securities and Exchange Commission (SEC) names 34 people who allegedly made $100 million in unlawful profits. In a separate case, the Justice Department charged nine people, including Momotok and four other U.S. residents, suspected of making $30 million.

Arkadiy Dubovoy, Alexander Garkusha and Igor Dubovoy, all of them from Alpharetta, Georgia, have also pleaded guilty to charges brought against them by the Justice Department.

In May, 28-year-old Ukrainian national Vadym Iermolovych admitted being one of the hackers involved in this scheme. Iermolovych pleaded guilty to conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft. The suspect, who claimed to have hacked newswires over the course of three months in 2013, was arrested in November 2014 in connection with other hacking and payment card related charges.

In the SEC case, Ukraine-based Jaspen Capital Partners Limited and its CEO, Andriy Supranonok, agreed to pay $30 million to settle the charges brought against them. They are believed to have made roughly $25 million buying and selling contracts-for-differences (CFDs) using information obtained from the leaked press releases.

Related: Nigerian Behind $60 Million Online Fraud Network Arrested

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...