The US Attorney's Office of Massachusetts on Monday announced the extradition of Vladislav Klyushin, a Russian business executive with ties to the Kremlin, on charges of hacking US computer networks and committing securities fraud by trading on undisclosed financial data.
Klyushin, 41, a resident of Moscow, Russia, was arrested in Sion, Switzerland on March 21, 2021, reportedly upon disembarking from his private jet while on vacation with his family. The following month, Russia asked that he be sent home and, almost two weeks later, the US asked that he be sent to America for trial. The Swiss rejected Russia's request for being incompatible with its laws and eventually accepted the American request.
On Monday, the Department of Justice unsealed charges against Klyushin in advance of his expected appearance in court. The feds accuse him of conspiring to access computers without authorization and to commit wire and securities fraud, and of obtaining unauthorized access to computers and then committing wire and securities fraud.
Klyushin, also spelled "Kliushin" and said in the government's complaint [PDF] to be the owner of penetration testing firm M-13, is one of five co-defendants. The others, who remain at large, are: Ivan Ermakov, 35, of Moscow, a former officer in the Russian Main Intelligence Directorate (GRU); Nikolai Rumiantcev, 33, of Moscow; Mikhail Vladimirovich Irzak, 43, of St. Petersburg, Russia; and Igor Sergeevich Sladkov, 42, of St. Petersburg.
Ermakov, also spelled "Yermakov," is one of seven alleged GRU agents charged by the Justice Department in October, 2018, with computer hacking, wire fraud, aggravated identity theft, and money laundering related to the 2016 US election and to disinformation operations that targeted sports and anti-doping organizations.
M-13, according to the US government's complaint, provided IT and media monitoring services, cyber security consulting, and penetration testing, and claimed prominent Russian government officials and agencies as clients. The firm is also said to have offered investment management in exchange for 60 per cent of investors' profit – not a particularly appealing rate unless extraordinary profits were assured.
From around January, 2018, through September, 2020, Klyushin, Ermakov, and Rumiantcev are said to have conspired with others to access the computer networks of two US companies authorized to file electronic documents with the SEC on behalf of corporate clients. The defendants allegedly used stolen employee credentials, associated with the networks of the two filing agent firms, to access financial disclosures from hundreds of publicly traded companies prior to publication.
"Armed with these reports, which contained material non-public information, the defendants further conspired to enrich themselves by trading in the securities of those companies," the complaint says. "Through this scheme, the defendants earned tens of millions of dollars in illegal profits."
The defendants are said to have purchased the shares of companies reporting positive results and to have shorted the shares of those planning to report negative results. They allegedly bought or sold shares of Snap, CytomX Therapeutics, Horizon Therapeutics, Puma Biotechnology, Synaptics, Capstead Mortgage, SS&C Technologies, Roku, Avnet, and Tesla, among others.
Boiler room scam
The separate complaint against Irzak and Sladkov [PDF] describes similar trading on non-public information involving some of the abovementioned firms as well as others, including but not limited to: Grubhub, Patterson UTI-Energy, Ultra Clean Holdings, CNH Industrial NV, Getty Realty, Essendant, Tandem Diabetes Care, Kohl's, Box, IBM, and The Nielsen Company.
The scheme allegedly netted tens of millions of dollars for the participants. According to the affidavit of FBI agent BJ Kang [PDF], Irzak and Sladkov conducted trades involving 149 companies in advance of earnings announcements and achieved a success rate of 66 per cent – accurately anticipating whether the related share price would rise or fall.
The charges against Klyushin – the only one of the alleged conspirators currently in custody – carry potential maximum sentences, if he's convicted, of: five years for conspiracy to obtain unauthorized access to a computer and to commit wire fraud and securities fraud; five years for unauthorized access to a computer; and 20 years each for securities and wire fraud. Penalties per count also include up to three years of supervised release, potential fines of $250,000 or twice the gross gain/loss, as well as provisions for restitution and forfeiture.
Following the Swiss court's decision to send Klyushin to the US and the rejection of Klyushin's appeal, the Russian Ministry of Foreign Affairs via Twitter last week expressed dissatisfaction with the legal process.
"We are deeply disappointed by the ruling issued in Switzerland on the extradition of Russian citizen Vladislav Klyushin to the US," the Ministry said last week, noting that the Swiss had rejected the Russian Prosecutor General's request to return Klyushin to Russia and instead accepted "the highly questionable US allegations." ®