Man Charged in $82M Hacking, Insider Trading Scheme

Hackers accessed earnings from Tesla, Snap Inc., Roku and other U.S. companies before they became public.

Tesla Superchargers in Austin, Texas, March 2021.
Tesla Superchargers in Austin, Texas, March 2021.

BOSTON (AP) — One of five Russian nationals who authorities allege made tens of millions of dollars in illegal profits by trading shares of companies using information stolen during hacks of U.S. computer networks has been extradited to the U.S. to answer to the charges, federal prosecutors in Boston announced Monday.

Vladislav Klyushin, 41, whose last name is sometimes spelled Kliushin, was arrested in Sion, Switzerland, on March 21 and was extradited to the U.S. on Dec. 18, acting U.S. Attorney for Massachusetts Nathaniel Mendell said.

“In simple terms, they hacked into U.S. networks, stole inside information, and cheated honest investors out of millions of dollars,’’ Mendell said at a news conference.

No defense attorney was listed for Klyushin in online court records.

According to the U.S. Securities and Exchange Commission, which filed parallel fraud charges against the defendants Monday, they made a total of $82 million through the scheme from 2018 through 2020.

The other four suspects remain at large, U.S. authorities said.

One of them is a former officer in the Russian Main Intelligence Directorate, known as the GRU, who was previously charged in July 2018 for his alleged role in a Russian effort to meddle in the 2016 U.S. elections, prosecutors said.

He was also charged in connection with an alleged role into a hacking campaign that targeted international anti-doping agencies, sporting federations, and anti-doping officials, prosecutors said.

The information in the new case was acquired through unauthorized intrusions into the computer networks of two U.S.-based vendors that publicly traded companies use to make filings through the Securities and Exchange Commission, prosecutors said.

The defendants accessed earnings-related files of several notable U.S. companies including Tesla, Snap Inc., Roku, Nielsen and Kohl’s days before earnings reports were made public, according to an FBI affidavit in the case.

On several occasions, the hackers used computer servers located in Massachusetts, according to the FBI affidavit.

By getting a company's financial information ahead of time, the defendants were able to make trades using brokerage accounts, sometimes in their own names, based on whether a company's shares would likely rise or fall following the public disclosure of the information, prosecutors said.

If a company was about to release positive financial results, they would buy shares of that company, and if a company was about to report poor results, they would sell, according to authorities.

Klyushin and two of the other defendants worked at M-13, a Moscow-based information technology company that purported to provide services to detect vulnerabilities in computer systems, and counted among its clients the Russian government, prosecutors said.

To access the vendor systems, they deployed malicious infrastructure to gather employees’ usernames and passwords, which they then used to misrepresent themselves as employees in order to obtain access to the computer networks, and also used various methods to conceal their activities, prosecutors said.

Klyushin is charged with conspiring to obtain unauthorized access to computers, and to commit wire fraud and securities fraud, and with obtaining unauthorized access to computers, wire fraud and securities fraud, prosecutors said.

More in IoT