On Tuesday, leonid Momotok, of Swanee, Georgia, pleaded guilty to conspiracy to commit wire fraud for his role in an international scheme to hack into three business newswire ad steal yet-to-be published press releases containing non-public financial information that was then used to make trades that generated approximately $30 million in illegal profits. The guilty plea was entered before United States Magistrate Judge Ramon E. Reyes, Jr. at the federal courthouse in Brooklyn, New York. When sentenced, Momotok faces up to 20 years in prison, as well as restitution, criminal forfeiture, and a fine.
The guilty plea was announced by RObert L. Capers, United States Attorney for the Eastern District of New York, and Diego Rodriguez, Assistant Director-in-Charge, Federal Bureau of Investigation, New York Field Office.
“Using non-public press releases stolen by overseas hackers, Momotok and his group of traders engaged in a brazen scheme that was unprecedented in its scope, impact and sophistication,” stated United States Attorney Capers. “Today’s guilty plea demonstrates our steadfast commitment and preparedness to combating the ever-evolving threat of cybercrime and to protecting the integrity of our financial markets.” Mr Capers thanked the Securities and Exchange Commission (SEC) and the Department of Justice’s Office of International Affairs (OIA) for their cooperation and assistance in the investigation.
“In one of the most sophisticated insider trading cases we’ve seen to-date, Momotok and other traders used information to trade on from not yet released press releases obtained by hackers from newswire services. The scheme profited the traders approximately $30 million in ill-gotten profits. Today’s guilty plea should send a message to others who seek to cheat the system for a lucrative payday – these schemes only end with prison time and forfeiture of those profits,” stated Assistant Director-in-Charge Rodrigues.
According to court filings and facts presented at the plea hearing, between February 2010 and August 2015, computer hackers based in Ukraine gained unauthorized access into the computer networks of Marketwired L.P., PR Newswire Association LLC (PRN), and Business Wire (collectively, the “Newswire Companies). The hackers used a series of sophisticated cyber-attacks to gain access to the Newswire Companies’ computer networks. Once in the computer networks, the hackers stole press releases about upcoming announcements by public companies concerning earnings, gross margins, revenues, and other confidential and material financial information. At one point, one of the hackers sent an online chat message in Russian to another individual stating, “I’m hacking prnewswire.com.” In another online chat, the hackers states that they had compromised the log-in credentials of 15 Business Wire employees.
To capitalize on this stolen information, the hackers shared the stolen press releases with Momotok and other traders through overseas servers. In a series of emails, the hackers provided the traders with credentials and instructions on how to access and use the overseas servers. To assist the hackers steal the most valuable information, the traders created “shopping lists” or “wish lists” for the hackers listing desired upcoming press releases from Marketwired and PRN for publicly traded companies. Once Momotok and the other traders received the stolen press releases, they used that information to execute trades ahead of the issuance of the press release. In order to execute trades before the press releases were made public, Momotok and the other traders sometimes had to execute trades in extremely short windows of time. Frequently, all of this illegal trading activity occurred on the same day. Momotok and the other traders traded on stolen press releases containing material nonpublic information about publicly traded companies that included, among hundreds of others: Align Technology Inc.; Caterpillar Inc.; Hewlett Packard; Home Depot; Panera Bread Co.; and Verisign Inc.
Momotok and his co-conspirators gained more than $30 million from their illegal trades. In exchange for providing Momotok and the other traders with the stolen press releases, the hackers received a percentage of the illegal proceeds, which were transferred to them through shell companies.