Vulnerabilities / Threats
12/17/2010
01:04 PM
50%
50%

FBI Arrests Four For Insider Trading

Federal authorities allege tech firm insiders sold confidential information relating to Apple, AMD, Dell, Flextronics, and Taiwan Semiconductor.

Federal Bureau of Investigation (FBI) authorities have arrested multiple people on charges of insider trading, including selling confidential information about Apple, AMD, Dell, Flextronics, and Taiwan Semiconductor Manufacturing Company, for a total of more than $400,000.

A complaint unsealed in Manhattan federal court on Wednesday alleges that four insiders at technology companies participated in telephone calls with clients of investment research firm Primary Global Research (PGR) in the guise of "consulting," and that those customers included at least two hedge funds, which were not named in the complaint.

On Wednesday, authorities made four arrests related to the charges outlined in the complaint. These include Mark Anthony Longoria, who worked for Advanced Micro Devices (AMD), Water Shimoon of Flextronics, and Manosha Karunatilaka, who was employed by Taiwan Semiconductor Manufacturing Company. According to the complaint, Longoria received $200,000 from PGR, while the others respectively netted $22,000 and $35,000.

In addition, authorities announced that last Friday, Daniel Devore -- formerly a global supply manager for Dell, and who likewise worked as a consultant for PGR -- pled guilty to wire fraud and conspiracy to commit wire fraud and securities fraud charges. They said Devore received about $145,750 from PGR for providing confidential information.

Also arrested on Wednesday was James Fleishman, VP of sales at PGR. Authorities allege that he arranged meetings between the consultants trading in insider information and PGR's clients, and have charged him with wire fraud and conspiracy charges for conspiring to provide confidential information to those clients.

"Today's charges allege that a corrupt network of insiders at some of the world's leading technology companies served as so-called 'consultants' who sold out their employers by stealing and then peddling their valuable inside information," said Manhattan U.S. Attorney Preet Bharara in a statement.

"The information trafficked by the four 'consultants' went way beyond permissible market research; it was insider information," said FBI assistant director-in-charge Janice K. Fedarcyk in a statement. "And the fifth defendant was directly involved in the transfer of inside information from the consultants to hedge funds and other end users."

For example, the complaint alleges that Shimoon sold Apple's sales forecast data, as well as forthcoming iPhone features. It also mentions "cooperating witnesses" who detailed phone calls with Longoria, during which he shared AMD's "revenue information, average sales prices, product sales figures, and gross margin information."

SEE ALSO:

Defense Department Aligning Insider Threat Detection

Former IT Director Imprisoned For Hacking Employer's Servers

DARPA Developing Tech To Stop Insider Threats

Feds Bust Akamai Insider

Database Admin Gets 12 Months For Hacking Employer

Internal Sabotage Security Risks Rising

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.