Marketwired, PR Newswire, Business Wire hacked in $US100m trading scam

AN INTERNATIONAL team of computer hackers and stock traders was charged with pocketing more than $US100 million in illicit profits based on stolen market-moving financial information, US officials announced Tuesday.

The Department of Justice charged nine people in a criminal conspiracy with making more than $US30 million in illegal trades on the pilfered information.

A parallel civil case from the US Securities and Exchange Commission listing 32 defendants said the scheme yielded over $US100 million in unlawful profits.

The conspiracy was engineered by a pair of hackers in Ukraine who successfully penetrated the computer systems of Marketwired, PR Newswire and Business Wire, which distribute press releases for major publicly traded companies, the officials said.

“The defendants were a well-organised group that allegedly robbed the newswire companies and their clients and cheated the securities markets and the investing public by engaging in an unprecedented hacking and trading scheme,” said US Attorney Paul Fishman.

“The defendants launched a series of sophisticated and relentless cyber attacks against three major newswire companies, stole highly confidential information and used (it) to enrich themselves at the expense of public companies and their shareholders.” The Ukraine-based hackers stole some 150,000 press releases from February 2010 through this year that contained non-public information critical to stock valuation, the DOJ said.

The hackers then sold the stolen data to traders, at times being compensated with a flat fee and other times with a percentage of profits from trades, the SEC said.

Besides the two hackers, DOJ indictments cite seven defendants from Ukraine and the US states of Georgia, Pennsylvania and New York.

Five of the defendants have been arrested, said a spokesman for the US lawyer in New Jersey. The other four defendants remain in Ukraine, and international arrest warrants were issued for their arrests, the Justice Department said.

The SEC complaint, filed in a New Jersey federal court on Monday and unsealed Tuesday, lists the same defendants, plus additional trading defendants, including in France and Russia.

“The hacker defendants stole the press releases and passed them to the trader defendants in the window of time between when the press releases were uploaded to the newswire service’s system and when the press releases were publicly issued,” the SEC complaint said.

“As a result, the trader defendants had an unfair trading advantage over other market participants.”

Inside scoop

Hackers stole newswires’ employee login identities and introduced malware in the systems. They also created an instructional video for their cohorts on how to access the stolen information, the DOJ indictment said.

Defendants in the DOJ case pocketed about $US648,000 in October 2011 in gains in Caterpillar stock after buying shares of the industrial heavyweight based on a stolen press release that said quarterly net income rose 27 per cent. Shares of Caterpillar rose $US4.38 after the earnings were released.

In October 2013, defendants in the DOJ case made about $US1 million after accessing early a Panera Bread press release that slashed its earnings forecast. Prior to the public release of the information, the defendants “shorted” or bet, that shares would fall.

In the 24 hours after the Panera statement was released, shares of the bakery chain fell 6.8 per cent.

The hack on the financial newswires comes amid a barrage of attacks on targets that have ranged from the US government to banking giant JPMorgan Chase and retailer Target.

The financial newswires said they had cooperated with US authorities. “Despite extreme vigilance and commitment, recent events illustrate that no one is immune to the highly sophisticated illegal cyber-intrusions that are plaguing every aspect of our society,” said Business Wire chief executive Cathy Baron Tamraz.

Marketwired said it had “found and fixed the issue at the heart of this matter and we are confident that Marketwired is protected by world-class security, monitoring and prevention practices.”

“At PR Newswire, we take security very seriously and are dedicated to protecting our information and systems,” said chief executive Robert Gray.

“As cybersecurity threats continue to evolve, so will our information security practices.”