A Russian IT specialist with Kremlin ties was charged by federal prosecutors in Boston with leading an insider trading ring that made millions of dollars in profits by hacking into systems used by public companies to file quarterly earnings reports.
Authorities charged Vladislav Klyushin and four others with gleaning material nonpublic information about company performance announcements and trading ahead of the news. One of the others charged, an employee of Klyushin’s named Ivan Ermakov, 35, a former Russian military intelligence officer, was previously charged for his alleged role in hacking and an influence effort related to the 2016 presidential election, according to the U.S.
Klyushin, a 41-year-old from Moscow, was extradited by the U.S. from Switzerland on Dec. 18, according to prosecutors. The four other co-defendants remain at large. Before the charges were announced, Klyushin’s lawyer, Oliver Ciric, has said his client views the allegations as a politically motivated pretext by U.S. intelligence to get access to confidential Russian information his client has.
According to a Federal Bureau of Investigation affidavit, the defendants allegedly hacked two U.S. filing agents to obtain access to drafts of earnings press releases of several publicly traded companies, including International Business Machines Corp., Snap Inc., Tesla Inc., Microsoft Corp. and Horizon Therapeutics Plc.
The defendants used the information obtained by hacking to buy shares of companies before they disclosed positive financial results, and shorted companies before they reported negative results, according to the U.S. The defendants are accused of using banks and brokerages in Cyprus, Denmark, Portugal, Russia and the U.S.
The two filing agents aren’t named. One of the multiple Interactive Brokers account used in the operation “traded ahead of the earnings announcements of approximately 149 companies with a 66% success rate,” according to the affidavit. That account generated $4.6 million in profit, the affidavit says.
The Russian Embassy in Washington didn’t immediately respond to a request for comment.
Russian state contracts show that a company associated with Klyushin called M-13 provided a media monitoring system to the Defense Ministry, as well as services to the National Guard, the Prosecutor General’s Office, the Justice Ministry and Moscow city government. Kremlin spokesman Dmitry Peskov told the Vedomosti newspaper in 2016 that the presidential administration had used M-13 to monitor social media.
Klyushin, Ermakov and co-defendant Nikolai Rumiantcev were all listed as employees of M-13, which purports to be an IT company based in Moscow, according to the affidavit.
M-13 provided cybersecurity services for Russian government agencies and also offered “penetration testing” services, which simulate hacking attempts, according to the U.S. The company claimed it could emulate Advanced Persistent Threats — a term often used to describe state-backed hackers. Klyushin was M-13’s first deputy general director, according to the affidavit.
The firm also offered “investment management services” in exchange for as much as 60% of the profits, according to prosecutors. Two of the defendants discussed the profits they allegedly earned trading on behalf of two men, according to the affidavit.
“Boris earned $989k on 500k,” Klyushin told Ermakov in an online chat, according to the affidavit. “Sasha $693k on 1 million [smile]. They don’t even ask why anymore.”
In another exchange, Klyushin and Ermakov allegedly discussed buying real estate in Moscow.
“Apartment is cool,” Klyushin wrote, according to the U.S. “We’ll earn and then we can buy [it].”
“No need to,” Ermakov allegedly replied. “Just turn on the computer [three smiles].”
Other companies the defendants used hacked information to trade on include Proofpoint Inc., Box Inc., Nanometrics Inc. and Getty Realty Corp., according to the U.S.