Security News

Russian hacker pleads guilty in ‘massive’ stock market cyberattack

Jeff Elder, 28 September 2019

Financial institutions and a news agency were used to artificially inflate the value of a stock

This week a Russian hacker pleaded guilty in what the U.S. Department of Justice called “a massive computer hacking campaign targeting U.S. financial institutions, brokerage firms, financial news publishers, and other companies.” 

The Southern District of New York case includes dramatic events in which Andrei Tyurin made “an effort to artificially inflate the price of certain stocks” and then “marketed the stocks in a deceptive and misleading manner” to customers whose contact information he stole from companies including an unnamed major financial news agency.    

"We are not talking about a typical data theft cybercrime. These are really elaborate plots that involve corporate espionage and the spreading of rumors and fake news." – Avast Cybersecurity Evangelist Luis Corrons

Tyurin’s attorney, Florian Miedel, said in a statement sent to the Avast Blog that his client was “hired by the originators and brains of the scheme” and that he “played a limited role in this far-reaching conspiracy.”

The hacker was charged with other suspects, including Gery Shalon, whom the DOJ identified as operating various criminal enterprises. A DOJ spokeswoman told the Avast Blog that only Tyurin took a plea bargain deal. It is unclear how much he is cooperating with prosecutors. He is scheduled to be sentenced in February.     

This is not the first time hackers have attempted a large-scale hack of stocks and financial systems. In January, the Securities and Exchange Commission brought charges against nine defendants in a scheme to hack into the SEC’s computer system and newswire services. The threat that hackers pose to stock markets is believed to be a serious enough danger to national security that The Wall Street Journal reported in 2017 the Pentagon is working with white-hat, ethical hackers to protect against hacks of financial systems. 

Prosecutors said the scope of this operation was noteworthy. In 2016, Preet Bharara, the United States attorney for the Southern District of New York, called the scheme “securities fraud on cybersteroids,” and said the group had perpetrated “the largest theft of personal information from U.S. financial institutions ever.”

The case: 

  • Targeted major financial institutions, brokerage firms, and news agencies
  • Included the theft of personal information from 100 million consumers
  • Lasted three years, from 2012-2015

But nothing stood out as much as the lengths the criminals went to in manipulating the stock market. Some 2.5 million shares of an unnamed stock were used in the scheme, and a broad audience of subscribers to a financial news agency’s email were misled about its value. Prosecutors say the fraudulent emails were sent to a wide readership and hackers stole 10 million email addresses from the news agency. 

“This is a very interesting criminal case. We are not talking about a typical data theft cybercrime,” said Avast Cybersecurity Evangelist Luis Corrons. “These are really elaborate plots that involve corporate espionage and the spreading of rumors and fake news. And we only hear of the cases that are discovered. It’s unknown how many plots could be unfolding without anyone noticing.”

The DOJ said the “effort to artificially inflate the price of certain stocks publicly traded in the U.S.” and the other parts of the scheme rewarded the criminals with “hundreds of millions of dollars in illicit proceeds.”