You are here

Justice News

Department of Justice
U.S. Attorney’s Office
District of New Jersey

FOR IMMEDIATE RELEASE
Monday, May 22, 2017

Hacker Sentenced To 30 Months In Prison For Role In Largest Known Computer Hacking And Securities Fraud Scheme

NEWARK, N.J. – A Ukrainian hacker was sentenced today to 30 months in prison for his role in an international scheme to hack into three business newswires, steal yet-to-be published press releases containing non-public financial information, and use that information to make trades that generated approximately $30 million in illegal profits, Acting U.S. Attorney William E. Fitzpatrick announced.
 
Vadym Iermolovych, 29, of Kiev, Ukraine, previously pleaded guilty before U.S. District Judge Madeline Cox Arleo to a three-count information charging him with conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft. Judge Arleo imposed the sentence today in Newark federal court.

According to documents filed in this case and statements made in court:

Iermolovych admitted that he was personally involved in the hacks into Marketwired L.P. (Marketwired), PR Newswire Association LLC (PRN), and Business Wire (collectively, the “Victim Newswires”). He admitted to hacking into PRN’s network between January 2013 and March 2013. He also admitted that he obtained a set of user credentials of PRN employees stolen from a computer hack into a social networking website and then used at least one of those credentials to ultimately gain access into PRN’s computer network. Iermolovych also admitted that he sold press releases stolen from the network intrusion into Marketwired, and purchased access into Business Wire’s network, all in furtherance of a larger conspiracy to profit from the stolen draft press releases.

Five other members of the conspiracy – two computer hackers and three securities traders – were charged by federal indictment brought by the District of New Jersey (DNJ). The related 23-count DNJ indictment charged Ivan Turchynov, 29, Oleksandr Ieremenko, 25, and Pavel Dubovoy, 34, all of Ukraine, as well as Arkadiy Dubovoy, 52, and Igor Dubovoy, 30, both of Alpharetta, Georgia. Arkadiy Dubovoy and Igor Dubovoy both pleaded guilty to the wire fraud conspiracy charged in Count One of the DNJ indictment on Feb. 18, 2016 and Jan. 20, 2016, respectively.

The Eastern District of New York (EDNY), in a related indictment, charged four securities traders: Vitaly Korchevsky, 51, of Glen Mills, Pennsylvania, Vladislav Khalupsky, 46, of Brooklyn, New York, and Odessa, Ukraine, Leonid Momotok, 48, of Suwanee, Georgia, and Alexander Garkusha, 49, of Cummings and Alpharetta, Georgia. Garkusha pleaded guilty to the wire fraud conspiracy charged in Count One of the EDNY indictment on Dec. 21, 2015. Momotok pleaded guilty to the same charge on Aug. 2, 2016. 

As alleged in the indictments, between February 2010 and August 2015, computer hackers based in Ukraine gained unauthorized access into the computer networks of the Victim Newswires. They used a series of targeted cyber-attacks, including “phishing” attacks and SQL injection attacks, to gain access to the computer networks. The hackers moved through the computer networks and stole press releases about upcoming announcements by public companies concerning earnings, gross margins, revenues, and other confidential and material information.

The hackers shared the stolen releases with the traders using overseas computer servers that they controlled. In a series of emails, the hackers even shared “instructions” on how to access and use the overseas server where they shared the stolen releases with the traders, and the access credentials and instructions were distributed amongst the traders.  The traders created “shopping lists” or “wish lists” for the hackers listing desired upcoming press releases for publicly traded companies from Marketwired and PRN.

The traders generally traded ahead of the public distribution of the stolen releases, and their trading activities shadowed the hackers’ capabilities to exfiltrate stolen press releases. In order to execute their trades before the releases were made public, the traders sometimes had to execute trades in extremely short windows of time between when the hackers illegally accessed and shared the releases and when the press releases were disseminated to the public by the newswires, usually shortly after the close of the markets.  Frequently, all of this activity occurred on the same day.  Thus, the trading data often showed a flurry of trading activity around a stolen press release just prior to its public release.

The traders traded on stolen press releases containing material nonpublic information about hundreds of companies, including Align Technology Inc., Caterpillar Inc., Hewlett Packard, Home Depot, Panera Bread Co., and Verisign Inc.

The traders paid the hackers for access to the overseas servers based, in part, on a percentage of the money the traders made from their illegal trading activities. The hackers and traders used foreign shell companies to share in the illegal trading profits.

In addition to the prison term, Judge Arleo sentenced Iermolovych to three years of supervised release and ordered him to pay restitution of $3,004,685.06.

Acting U.S. Attorney Fitzpatrick credited special agents of the U.S. Secret Service, Criminal Investigations Division, under the direction of Director Randolph D. Alles, and special agents from the U.S. Secret Service Newark Field Office, under the direction of Special Agent in Charge Mark McKevitt, with the investigation. He also thanked the U.S. Securities and Exchange Commission, for its significant cooperation and assistance in the investigation and the newswires, which cooperated with law enforcement over the course of the investigation.

The government is represented by Assistant U.S. Attorneys Daniel Shapiro, Justin Herring, and Svetlana Eisenberg of the Economic Crimes Unit, Computer Hacking & Intellectual Property Section, David M. Eskew, Chief of the General Crimes Unit, Trial Attorney Andrew S. Pak, of the Department of Justice’s Criminal Division Computer Crime and Intellectual Property Section, and Assistant U.S. Attorney Sarah Devlin of the Asset Forfeiture and Money Laundering Unit.

Defense counsel: Donna Newman Esq., New York

Topic(s): 
Cyber Crime
Component(s): 
Updated May 23, 2017