Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Ukrainian Pleads Guilty in Hack-for-Profit Scheme

A Ukrainian national has pleaded guilty to charges of hacking into databases holding unpublished company press releases to gain insider information that led to $30 million in illicit gains, officials said.

A Ukrainian national has pleaded guilty to charges of hacking into databases holding unpublished company press releases to gain insider information that led to $30 million in illicit gains, officials said.

The US Department of Justice said 28-year-old Vadym Iermolovych pleaded guilty Monday before a federal judge in New Jersey to charges of conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft.

Officials said Iermolovych was arrested in November 2014 in what was the largest known hacking scheme for securities fraud.

According to investigators, the Ukrainian was part of a team that broke into the networks of Marketwired, PR Newswire, and Business Wire to steal press releases containing confidential financial information before release to the public.

The hackers worked with traders who bought or sold stocks with the inside information, often minutes before the press releases were published, officials said.

The traders created “shopping lists” or “wish lists” for the hackers on upcoming press releases for publicly traded companies, investigators found.

Five other members of the conspiracy –- two computer hackers and three securities traders –- have been charged in the scheme in New Jersey federal court.

Two other Ukrainians, Arkadiy Dubovoy and Igor Dubovoy, pleaded guilty to wire fraud conspiracy charges earlier this year, according to officials.

Advertisement. Scroll to continue reading.

A related indictment in New York has charged four securities traders with using insider information.

The indictments said the scheme took place between February 2010 and August 2015, with hackers using a series of targeted cyber-attacks, including bogus emails to gain passwords, a technique known as “phishing,” and sought unpublished data on earnings, profit margins, revenues, and other confidential information.

Iermolovych’s sentencing was scheduled for August 22. He faces up to 20 years in prison on the wire service charge and a fine related to the profits from the crime. The identity theft charge carries a mandatory penalty of two years in prison on top of any other sentence.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.