Hackers charged after pocketing $100m from stolen material

Two Ukraine-based hackers have been identified as the leaders of a nine-man syndicate which stole media releases from three major newswire companies, and on-sold them to cheat the securities market, raking in $100 million from illegal sales.
Written by Asha Barbaschow, Contributor

An international team of computer hackers and stock traders has been charged with pocketing more than $100 million in illicit profits made from on-selling stolen market-moving media releases.

The US Department of Justice said that in addition to the two Ukraine-based ring-leaders, seven defendants from Ukraine and the United States were involved in the criminal conspiracy, making more than $30 million in illegal trades on the pilfered information.

Marketwired, PR Newswire, and Business Wire -- which distribute press releases for major publically traded companies -- had its systems penetrated by a pair of Ukraine-based hackers who stole 150,000 press releases from as far back as 2010. The Department of Justice said that many of the stolen press releases contained non-public, critical information relating to stock valuation.

"The defendants were a well-organised group that allegedly robbed the newswire companies and their clients and cheated the securities markets and the investing public by engaging in an unprecedented hacking and trading scheme," US attorney Paul Fishman said.

"The defendants launched a series of sophisticated and relentless cyber attacks against three major newswire companies, stole highly confidential information, and used [it] to enrich themselves at the expense of public companies and their shareholders."

A parallel civil case from the US Securities and Exchange Commission listing 32 defendants said the scheme yielded over $100 million in unlawful profits, as a result of the hackers selling the stolen data to traders.

The justice department also said the hackers stole newswires' employee login identities and introduced malware in the systems and the attackers also created an instructional video for their cohorts on how to access the stolen information.

According to a spokesperson for the US attorney, five of the defendants have been arrested, and the Justice Department confirmed that the other four remain in Ukraine, with international arrest warrants issued.

Home media streaming and sharing service, Plex -- which allows users to stream their media collection across multiple devices -- also fell victim to a hack on the first of July. The server which hosts the Plex support forum and blog was compromised, with the attackers allegedly gaining access to IP addresses, private messages, email addresses, and hashed and salted encrypted passwords from forum users.

The alleged hacker, dubbed "savaka," took responsibility for the attack and said they were able to "obtain all of your data, customers as well as software and files", demanding 9.5 bitcoins from the company, threatening to dump its stolen data on multiple torrent networks if payment were not received.

Extramarital affairs website Ashley Madison fell victim to a high-profile cyberattack as well, which was claimed by a hacking squad called The Impact Team. The team of hackers threatened to drip-feed its stolen information to the public if the site did not shut down.

Allegedly, The Impact Team targeted the discreet affairs website to disprove a claim it made that if a user were to pay $19, their user information would disappear.

"Full Delete netted Ashley Madison $1.7 million in revenue in 2014, it's also a complete lie," the hackers wrote. "Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed."

Chinese hackers were blamed for a massive data breach from the US Office of Personnel Management, the federal agency responsible for vetting about 90 percent of the people for working in the federal government. The data of potentially 18 million current, former, and prospective US federal employees was taken in the attack.

Just last week, the Internet Corporation for Assigned Names and Numbers (ICANN) fell victim to its second cyberattack in 12 months. ICANN admitted on Thursday that within the past week, usernames, email addresses, and encrypted passwords for profile accounts on its public website were obtained by an "unauthorised person", expecting that user preferences, public biographies, interests, newsletters, and subscriptions would be amongst the leaked information.

With AAP

Editorial standards