Skip to main content

SEC Charges 32 Defendants in Scheme to Trade on Hacked News Releases

Hackers, Traders Allegedly Reaped More Than $100 Million of Illegal Profits


Washington D.C., Aug. 11, 2015 —

The Securities and Exchange Commission today announced fraud charges against 32 defendants for taking part in a scheme to profit from stolen nonpublic information about corporate earnings announcements.  Those charged include two Ukrainian men who allegedly hacked into newswire services to obtain the information and 30 other defendants in and outside the U.S. who allegedly traded on it, generating more than $100 million in illegal profits.    

The SEC’s complaint unsealed today was filed under seal on August 10 in U.S. District Court in Newark, N.J., and the court entered an asset freeze and other preliminary relief that day.

“This international scheme is unprecedented in terms of the scope of the hacking, the number of traders, the number of securities traded and profits generated,” said Securities and Exchange Commission Chair Mary Jo White.  “These hackers and traders are charged with reaping more than $100 million in illicit profits by stealing nonpublic information and trading based on that information. That deception ends today as we have exposed their fraudulent scheme and frozen their assets.”

The SEC charges that over a five-year period, Ivan Turchynov and Oleksandr Ieremenko spearheaded the scheme, using advanced techniques to hack into two or more newswire services and steal hundreds of corporate earnings announcements before the newswires released them publicly.  The SEC further charges that Turchynov and Ieremenko created a secret web-based location to transmit the stolen data to traders in Russia, Ukraine, Malta, Cyprus, France, and three U.S. states, Georgia, New York, and Pennsylvania.  The traders are alleged to have used this nonpublic information in a short window of opportunity to place illicit trades in stocks, options, and other securities, sometimes purportedly funneling a portion of their illegal profits to the hackers.

“This cyber hacking scheme is one of the most intricate and sophisticated trading rings that we have ever seen, spanning the globe and involving dozens of individuals and entities,” said Andrew Ceresney, Director of the SEC’s Division of Enforcement.  “Our use of innovative analytical tools to find suspicious trading patterns and expose misconduct demonstrates that no trading scheme is beyond our ability to unwind.”

In parallel actions, the U.S. Attorney’s Office for the District of New Jersey and the U.S. Attorney’s Office for the Eastern District of New York today announced criminal charges against several of the defendants in the SEC’s action, including Turchynov and Ieremenko, and traders in the U.S. and Ukraine – Arkadiy Dubovoy, Igor Dubovoy, Pavel Dubovoy, Vitaly Korchevsky, Vladislav Khalupsky, Aleksandr Garkusha, and Leonid Momotok. 

According to the SEC’s complaint, Turchynov and Ieremenko hid the intrusions by using proxy servers to mask their identities and by posing as newswire service employees and customers.  The two allegedly recruited traders with a video showcasing their ability to steal the earnings information before its public release.  The complaint charges that in return for the information, the traders sometimes paid the hackers a share of their profits, even going so far as to give the hackers access to their brokerage accounts to monitor the trading and ensure that they received the appropriate percentage of the profits.  The complaint charges that the traders sought to conceal their illicit activity by establishing multiple accounts in a variety of names, funneling money to the hackers as supposed payments for construction and building equipment, and trading in products such as contracts for difference (CFDs).                                               

At times, the hackers and traders had a very narrow window of opportunity to extract and use the allegedly hacked information.  In one particularly dramatic instance on May 1, 2013, the hackers and traders allegedly moved in the 36-minute period between a newswire’s receipt and release of an announcement that a company was revising its earnings and revenue projections downward.  According to the SEC’s complaint, 10 minutes after the company sent the still-confidential release to the newswire, traders began selling short its stock and selling CFDs, realizing $511,000 in profits when the company’s stock price fell following the announcement.  

The SEC’s complaint charges each of the 32 defendants with violating federal antifraud laws and related SEC antifraud rules and seeks a final judgment ordering the defendants to pay penalties, return their allegedly ill-gotten gains with prejudgment interest, and be subject to permanent injunctions from future violations of the antifraud laws.

The SEC’s investigation was conducted by Market Abuse Unit staff Jason Burt, Kelly Gibson, Lynn O’Connor, James Scoggins, Jonathan Warner, Darren Boerner, John Marino, John Rymas and Mathew Wong, Complex Financial Instruments Unit staff Creola Kelly and Daniel Koster, Enforcement staff in the SEC’s Washington, D.C., office – Mark Cave and Jeffrey Weiss, Denver Regional Office staff Dan Konosky, and IT Forensics staff Ken Zavos, with assistance from the Office of International Affairs.  The case was supervised by Joseph Sansone, Acting Co-Chief of the SEC Enforcement Division’s Market Abuse Unit and Reid Muoio, Deputy Chief of the SEC Enforcement Division’s Complex Financial Instruments Unit.  David Axelrod and John Donnelly of the Philadelphia Regional Office are leading the SEC’s litigation.  The SEC appreciates the assistance of the U.S. Attorney’s Offices for the District of New Jersey and the Eastern District of New York, Federal Bureau of Investigation, The Department of Homeland Security and the U.S. Secret Service, the Financial Industry Regulatory Authority, the United Kingdom Financial Conduct Authority, and the Danish Financial Supervisory Authority. 


Return to Top