SHARE THIS ARTICLE Share Tweet Post Email

The e-mail from Kiev offered a tantalizing prize: the formula for a new kind of Wall Street crime.

“Log-in data will be sent to the e-mail you leave,” the attached video said in Russian.

So began what authorities are calling an unprecedented scheme combining digital-age cybercrime with old-fashioned insider trading.

Five traders in the U.S. were arrested early Tuesday in connection with the alleged plot, which federal officials characterized as one of the most sophisticated trading rings ever seen. The supposed take: as much as $100 million.

As authorities tell it, how the suspects pulled off their crimes seems at once mindbogglingly complex and fiendishly simple. In essence, the overseas hackers behind the scheme stole information and built an entire online business around it -- a sort of Amazon of insider trading. They even went so far as to create a video tutorial for using their illicit products.

Working from Ukraine, the hackers infiltrated several widely used U.S. newswire systems and over five years purloined tens of thousands of corporate press releases before the news was made public. They then sold that market-sensitive information to a league of traders on both sides of the Atlantic, authorities say.

In a season of high-profile computer breaches at major corporations, the case further underscores the technological vulnerabilities of systems at the heart of the 21st-century economy. For Wall Street and the authorities who police it, the development also sends a sobering message: insider-trading schemes, as old as markets themselves, have entered a new era.

‘International Scheme’

“This international scheme is unprecedented in terms of the scope of the hacking, the number of traders, the number of securities traded and the profits generated,” Mary Jo White, the chair of the Securities and Exchange Commission, said Tuesday at a press conference. The agency sued 17 individuals in a civil complaint, and prosecutors brought criminal charges against nine of them. The hackers and some defendants remain at large.

SEC Chair Mary Jo White speaks during a press conference on the international scheme, on Aug. 11, 2015 in Newark. Photographer: Kena Betancur/Getty Images

The story begins just as another era of insider trading was reaching its climax. The e-mail from Ukraine was allegedly sent by a young hacker there in October 2010, as the billionaire Raj Rajaratnam was facing trial in the U.S. in one of the most watched insider-trading cases since the days of Ivan Boesky. What that hacker, identified by authorities as Ivan Tuchynov, was offering was a high-tech version of the same scheme. Tuchynov, who was criminally charged, is believed to be in Ukraine.

Earnings Reports

According to authorities, the hackers used a variety of common tactics to infiltrate the computer servers of three systems used by many corporations to release news such as earnings reports, mergers and acquisitions and executive changes. They phished, installed malware, stole passwords -- all to gain secret access to PR Newswire Association LLC, Marketwired and Business Wire, a unit of Berkshire Hathaway Inc., which together are used to issue thousands of corporate releases every day.

The information in those press releases proved highly valuable -- so valuable that the hackers quickly built an online business around it. They were brazen enough that they created a video tutorial on how to access the pilfered data, according to prosecutors. The Russian-language video, which was shared by e-mail, showed the desktop of a computer screen as a user took steps to retrieve the stolen files.

Business Wire and PR Newswire said they’re cooperating with prosecutors and examining their security systems. Marketwired said it also cooperated and fixed “the issue at the heart of this matter.”

Lucrative Trades

Prosecutors described a number of lucrative trades made ahead of quarterly earnings reports, including one, in 2012, in Caterpillar Inc. shares that netted $1 million. The company’s announcement -- on a server for less than 24 hours -- had been pilfered by the hackers and sold to traders. A spokeswoman for Caterpillar didn’t return a call and e-mail seeking comment.

The 2010 e-mail from Tuchynov was an invitation to would-be insider traders, prosecutors said. Other exchanges disclosed by prosecutors show the hackers and various co-conspirators discussing a “proprietary trading business” involving a “special day trading strategy.”

The seemingly magical system, these people wrote, made money throughout 2012. The typical trader could expect to make as much as $50,000 a month, the e-mails said.

At one point, a would-be customer told one of the hackers that something must be wrong with his business model because he was selling information too cheaply. The hacker replied that the customer had to take whatever was offered -- for now.

The traders developed a “wish list” of press releases for hackers to steal, and then quickly bought and sold shares based on what they learned, according to the indictment.

The hackers used middlemen to communicate with traders, according to the indictment. As their business thrived, they sought to expand the operation by sharing tips on other fraud schemes and recruiting new traders and hackers through Internet chats and e-mails.

Read this next:

(Updates with Marketwired comment in 12th paragraph.)