According to the District of Massachusetts U.S. Attorney’s Office, Klyushin and his cohorts hacked U.S.-based networks to obtain information on companies — including Tesla, Snap Inc., and Roku — and used pre-released earnings reports and other information to create dozens of illegal stock trades. Armed with this kind of information, prosecutors said, “Klyushin and his co-conspirators knew ahead of time, among other things, whether a company’s financial performance would meet, exceed or fall short of market expectations — and thus whether its share price would likely rise or fall.” The Attorney’s Office said he was among five total charged in the global scheme, and the only one to have been captured and convicted so far. Klyushin faces up to 20 years in prison, with the sentencing set for May 4, 2023.
Leveraging Insider Information to Make Gains
Klyushin was arrested in Switzerland in March 2021, and extradited to the U.S. in December 2021 to face federal charges in Boston. Klyushin was charged and convicted of conspiring to obtain unauthorized access to computers, wire fraud, and securities fraud. Companies regularly file quarterly and annual earnings reports with the Security and Exchange Commission (SEC) and the general public, which can cause wild swings in stock prices. Between January 2018 and September 2020, prosecutors said, Klyushin and his team used stolen insider information from publicly traded companies on U.S. national securities exchanges, including the NYSE and NASDAQ, “in advance of public earning announcements.” Reports from some big-name companies were affected, including Tesla, Roku, Snap Inc., Capstead Mortgage Corp, SS&C Technologies and others. Prosecutors allege that Klyushin and his team breached two U.S.-based filing agents that publicly traded companies use to file their earnings reports. They reportedly did so by deploying malicious software that harvested and stole employees’ login credentials, and hid their activity by conducting the hacking via proxy networks outside of Russia. “Many of the illegally obtained earnings reports were downloaded through a computer server located in downtown Boston,” the U.S. Attorney’s Office said. Oftentimes, cybercriminals will also use a type of ‘intermediary’ to hide their tracks, known as a virtual private network or VPN. Custom VPNs used for cybercrime can be purchased on dark web marketplaces, as can custom messaging applications. Four other Russian co-conspirators were charged as well, all of whom remain at large. Klyushin was charged alongside two other Russian co-conspirators, Ivan Ermakov and Nikolai Rumiantcev, while the other two, Mikhail Vladimirovich Irzak and Igor Sergeevich Sladkov, were charged in a separate indictment. Ermakov was also charged with hacking and disinformation campaigns focusing on international anti-doping agencies, sporting federations, and anti-doping officials, the U.S. Attorney’s Office said.
Moscow-based ‘IT Solutions’ Company M-13 Owned by Klyushin
Prosecutors said Klyushin and his co-conspirators Ermakove, and another individual named Nikolai Rumiantcev worked at a Moscow-based ‘IT solutions’ company owned by Klyushin called M-13 reportedly serving the interests of Vladimir Putin and the state of Russia. The company offered penetration testing and APT (Advanced Persistent Threat group) emulation, which are services that search for exploitable software vulnerabilities in a computer system, prosecutors added. “In addition to these services, Klyushin invested the money of several investors in his hack-to-trade scheme, and took a 60 percent cut of their profits,” prosecutors said. Klyushin and co. distributed their illegal trading across banks and brokerages in Portugal, Cyprus, Denmark, Russia and the U.S. while misleading brokerage firms, prosecutors added. Financial fraud is a complex game made easy thanks to internet brokerages and cryptocurrency transactions. A February 2022 report by Chainalysis noted that the city of Moscow is one of the largest financial fraud hubs in the world, raking in $700 million between 2019 and 2021. If you would like to know more about international schemes, take a look at our article on how the world’s biggest countries deal with online financial fraud.
