NEWARK, N.J. - An international web of hackers and traders was charged by U.S. authorities Tuesday with making $100 million by breaking into the computers of business newswire services, reading corporate press releases before they came out, and then trading on that information ahead of the pack on Wall Street.
Federal authorities said it was the biggest scheme of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is vulnerable to cybercrime.
Nine people in the U.S. and Ukraine were indicted on federal criminal charges, including securities fraud, computer fraud and conspiracy. And the U.S. Securities and Exchange Commission brought related civil charges against the nine plus 23 other individuals and companies.
The case “illustrates the risks posed for our global markets by today's sophisticated hackers,” SEC chief Mary Jo White said. “Today's international case is unprecedented in terms of the scope of the hacking at issue, the number of traders involved, the number of securities unlawfully traded and the amount of profits generated.”
The nine charged with criminal offences include two people described as Ukrainian computer hackers and six stock traders, all but one of them in the United States. Prosecutors said the defendants made $30 million from their part of the scheme.
At the same time, the SEC brought a lawsuit that lays out a sprawling network of hackers and traders stretching from the U.S. to Russia and Ukraine, France, Malta and Cyprus, all accused of using the stolen advance information to make illegal trades.
Authorities said that starting in 2010 and continuing as recently as May, the hackers gained access to more than 150,000 news releases that were about to be issued by Marketwired of Toronto; PR Newswire in New York; and Business Wire of San Francisco. The news releases contained earnings figures and other information from a multitude of corporations.
The defendants then used roughly 800 of those news releases to make trades before the information came out, exploiting a time gap ranging from hours to three days, prosecutors said.
In one day in 2013, for example, the group traded more than 75,000 shares of Panera Bread Co. (
NASDQ:PNRA,
Forum) stock in a little over an hour and made $900,000, authorities said.
A strong earnings report or other positive news can cause a company's stock to rise, while disappointing news can make it fall. The conspirators typically used the advance information to buy stock options, which are essentially a bet on the direction in which a stock will move, authorities said.
The hackers were paid based on how much profit the traders made, prosecutors alleged.
“This is the story of a traditional securities fraud scheme with a twist - one that employed a contemporary approach to a conventional crime,” said Diego Rodriguez, head of the FBI's New York office.
Five defendants were arrested on Tuesday, and arrest warrants were issued for four in Ukraine.
Paul Fishman, U.S. attorney for New Jersey, said the case exemplified the “intersection of hacking and securities fraud” and called the defendants “relentless and patient.”
At various times, the indictment alleges, the hackers were locked out of the news services' computer systems. According to Fishman, they eventually managed to get back in, often using simple “phishing,” or sending bogus emails with links that, if clicked on, can eventually lead a hacker to a computer user's login and password.
The thefts show how hackers are expanding their efforts beyond typical moneymaking information such as credit card and Social Security numbers.
It's also another example of how companies are often at the mercy of those they do business with. Many major hackings have been pulled off through third-party companies that have access to sensitive information.
Business Wire said it has hired a cybersecurity firm to test its systems and make sure they are secure. Marketwired and PR Newswire did not immediately return emails seeking comment.
The hacker group made more than $600,000 by trading the stock of Peoria, Illinois-based Caterpillar Inc. (
NYSE:CAT,
Forum) in 2011 using a news release that said the company's third-quarter profits had climbed 27 per cent, according to the indictment.
Similarly, the group made more than $1.4 million trading stock in San Jose, California-based Align Technology (
NASDAQ:ALGN,
Forum) in 2013 ahead of a press release that said annual revenue was up more than 20 per cent, the indictment said.
The most serious charges in the indictment, wire fraud and securities fraud, carry up to 20 years in prison.
The SEC lawsuit named 17 individuals living in the U.S., Russia and Ukraine, and 15 companies in Georgia, Pennsylvania, Russia, France, Cyprus and Malta. The SEC is seeking unspecified fines and restitution against the 32 defendants.
Stock scams are about as old as the market itself, but the combination of worldwide information technology and automated programs that can make thousands of trades in a second has created new paths for potential frauds. The U.S. government says alleged scammers have used methods including rapid trades, fake regulatory filings and news reports to get an advantage and make profits. Here are a few examples:
- In May 2010 the Dow Jones industrial average plunged 600 points in about five minutes and closed with a loss of 348 points. Regulators said the dive was triggered by a computerized selling program, and in April 2015 the U.S. government filed criminal charges against British futures trader Navinder Singh Sarao. The U.S. Department of Justice said Sarao used an automated trading program to manipulate the market and charged him with fraud and commodities manipulation. Sarao has said he was merely good at his job.
- Shares of Avon Products (
NYSE:AVP,
Forum) rose as much as 20 per cent in May after a false Securities and Exchange Commission filing said an investment firm wanted to buy the cosmetics retailer for $8 billion. That was a big premium for a company that had struggled with falling sales and reduced revenue. In May the SEC sued a Bulgarian man, Nedko Nedev, and said he and five others violated securities laws by creating fake takeover offers. The SEC said Nedev also made fake bids for Rocky Mountain Chocolate Factory (
NASDAQ:RMCF,
Forum) in 2012 and insurer Tower Group International in 2014.
- In July, Twitter's (
NYSE:TWTR,
Forum) stock climbed as much as 8.5 per cent after a fake story said the short messaging service received a $31 billion buyout offer. That, too, was a significant premium to Twitter's market cap at the time, and it came as investors worried about Twitter's losses and its user growth. The story appeared on a website that mimicked the business news page of Bloomberg. Twitter shares returned most of those gains after Bloomberg said the story was a fake.
- The same month, two men were arrested in Israel and accused of trying to cheat millions of people by driving up the price of penny stocks with sending false and misleading spam emails. A U.S. citizen was also being sought. The charges included conspiracy and securities fraud, and the SEC said the men ran at least 20 stock promotion websites. The scam was a pump-and-dump scheme designed to drive up the price of the stocks so the promoters can sell them at an inflated price before the truth comes out and the prices fall again.
Robert Heim, a former lawyer at the SEC, said these kinds of schemes will probably persist because news spreads so fast over social media and traders have to react so quickly. He compared the fake offer for Twitter to a pump and dump fraud as well.
“Instead of having a room full of cold callers calling up investors and pitching a stock, now people can set up a website in a day or so, often on their own, and publish a fake news story to be able to trade on the securities before the truth comes out.”
Automated trading programs that act based on increased trading volume and prices can magnify the effect of the scams, he added. Heim said retail investors should be careful and make sure news stories are verified before they made trades based on them.