Russian Cybercriminal Faces Decades in Prison for Hacking and Trading Operation

Vladislav Klyushin and co-conspirators used SEC filings stolen from the networks of Tesla, Roku, and other publicly traded companies to earn nearly $100 million in illegal trades.


A former cybersecurity entrepreneur from Russia has been convicted for crimes related to insider trading conducted using information stolen from US computer networks, ultimately earning him and his co-conspirators nearly $100 million.

A jury in a US District Court in Boston convicted Vladislav Klyushin, aka Vladislav Kliushin, of conspiring to obtain unauthorized access to computers and to commit both wire fraud and securities fraud, according to the United States Attorney's Office, District of Massachusetts. He also was convicted on substantive counts of obtaining unauthorized access to computers, wire fraud, and securities fraud.

"The jury saw Mr. Klyushin for exactly what he is — a cybercriminal and a cheat," US Attorney Rachael S. Rollins said in a statement. "He repeatedly gamed the system and finally got caught."

The charges of securities fraud and wire fraud alone each carry a sentence of up to 20 years in prison, while the other charges each carry lesser penalties of up to five years in prison. All the charges also include substantial fines. Klyushin, 42, will face sentencing May 4.

Authorities arrested Klyushin in Sion, Switzerland, on March 21, 2021, as he was about to embark on a ski trip; he was extradited to the US later that year on Dec. 18. His conviction comes after a 10-day jury trial in a US District Court in Massachusetts.

Klyushin was charged alongside co-conspirators Ivan Ermakov and Nikolai Rumiantcev, former business colleagues who were employed at Klyushin's Moscow-based IT firm M-13, which offered penetration testing and so-called "advanced persistent threat emulation," according to its website. Two others involved in the crimes, Mikhail Vladimirovich Irzak and Igor Sergeevich Sladkov, also have been charged in a separate indictment; all four of Klyushin's co-conspirators remain at large.

M-13 did business with the Kremlin, which the company's website officially indicated as the Administration of the President of the Russian Federation and the Government of the Russian Federation, authorities said. Other customers included various federal ministries and departments as well as regional government bodies, in addition to commercial organizations and public entities.

Trading Scam

Klyushin and his colleagues also had an overtly nefarious side hustle: For about two and a half years between January 2018 and September 2020, they hacked into the computer networks of publicly traded companies — including Tesla, Capstead Mortgage, SS&C Technologies, Roku, and Snap Inc. — and used earnings and other information included in SEC files stolen from these attacks to make illegal trades on stock exchanges, including Nasdaq and the NYSE, according to trial evidence.

The attacks involved deploying malware that could harvest and steal employee login information to gain access to victim networks; from there, they stole earnings reports to gain access to information before it was made public.

The cybercriminals used proxy networks outside of Russia to conceal the origin of the activity, with many of the illegally obtained reports downloaded through a computer server located in downtown Boston — hence the site of the trial.

Armed with the information they stole, Klyushin and his cohorts used a company's financial performance data to know whether its share price would rise or fall, then traded based on that info via various brokerage accounts distributed across several countries, including Cyprus, Denmark, Portugal, Russia, and the US. When conducting business, the cybercriminals misled brokerage firms about the nature of their trading activities, according to trial evidence.

How Their MO Ultimately Exposed Them

The crew's patterns of trading and their return on investment are what ultimately gave them away, trial evidence revealed. For instance, the times of their profitable trades corresponded with the times in which the targeted companies reported being hacked, according to authorities.

Moreover, while Klyushin and his cohorts were raking it in, earning a return of more than 900% (close to $100 million in earnings on $9 million in investment), the overall stock market wasn't doing nearly that well, authorities said. During the period of their crimes, the market returned just over 25%, they said.

Additionally, of the more than 2,000 earnings events around which Klyushin and his co-conspirators traded during the period of their activity, more than 97% were filed with the SEC by the victim filing agents. During the trial, testimony indicated that the odds of this trading pattern occurring without a relationship between the trading and the company itself were less than one in a trillion, according to authorities.

Of the total earned by the co-conspirators, Klyushin individually netted more than $38 million, including nearly $23 million on his personal trading and trading for M-13. He also earned more than $13 million on money he invested for others.

About the Author(s)

Elizabeth Montalbano, Contributing Writer
