Insider Trading: Ukrainian Hackers Accomplice Pleads Guilty

Uploaded on 2016-08-09 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

A US stockbroker pleaded guilty to conspiracy for his role in an insider-trading ring that reaped millions of dollars in illicit profits from Ukrainian hackers who pilfered corporate press releases before they were published.

Leonid Momotok, of Suwanee, Georgia, admitted he controlled a brokerage account used in a five-year scheme. At a hearing recently before US Magistrate Judge Ramon Reyes, he admitted he placed and profited from trades based on information he knew was stolen.

“I knew that this inside information was being passed to traders like myself and on the basis of this information, I executed trades on New York stock exchanges,” he said. “It was bad judgment and I am very sorry.”

Momotok, 48, was one of nine people charged in a case that federal prosecutors in Brooklyn and New Jersey described last year as the largest scheme of its kind ever prosecuted in both the scope of the alleged hacking and the number of traders involved.

Plea Deal

Momotok was indicted on conspiracy, securities fraud, money laundering and other charges. The most serious crimes of securities fraud and wire fraud carry terms of as long as 20 years in prison.

As part of a plea deal, Momotok pleaded guilty to one count of conspiracy to commit wire fraud and agreed not to challenge a prison sentence of not more than nine years when he is sentenced Dec. 9. He and his attorney, Linda Moreno, declined to comment as they left the courtroom.

The case highlights an unusual intersection of securities fraud and hacking. Prosecutors said the ring employed a criminal alliance of traders and hackers who infiltrated PR Newswire Association LLC, Marketwired Inc. and Business Wire, obtaining more than 150,000 unpublished news releases ahead of market-moving news. Traders made about $30 million in illicit gains.

The ring gained access to the three services by launching a series of orchestrated cyber-attacks using malware and obtaining the log-in credentials of newswire employees, according to the government. Hackers then circulated “shopping lists” of companies about to issue news releases, such as Panera Bread Co, Caterpillar Inc., Home Depot Inc. and Advanced Micro Devices Inc., the government said.

Leaked Releases

Members of the ring in the US and the Ukraine, including Momotok, then traded on the leaked news releases ahead of their publication, prosecutors said. Millions of dollars were laundered when they were transferred to Europe, Asia and elsewhere using shell companies, according to the government.

Momotok’s co-defendant, Vitaly Korchevsky, called the alleged “linchpin” by prosecutors, is accused of making $17 million. He pleaded not guilty to the charges and is awaiting trial. Another co-defendant, Alexander Garkusha, pleaded guilty in December and is cooperating with the US. He hasn’t yet been sentenced. A fourth man isn’t in custody.

Of the five charged in New Jersey, two have pleaded guilty and charges are pending against the other three, according to court records.

Information-Management

 

« Mobile Battery Tracks You Online
Cybersecurity Issues Are M&A Deal Breakers »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

aizoOn Technology Consulting

aizoOn Technology Consulting

aizoOn is a technology consulting company offering a range of services including IoT & embedded security, mobile security, cybersecurity assessments, risk & compliance, network monitoring and more.

SecureAuth

SecureAuth

SecureAuth delivers cutting edge identity and information security solutions for cloud, mobile, web, and VPN systems.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

Database Cyber Security Guard

Database Cyber Security Guard

Database Cyber Security Guard (aka Don't Be Breached) informs Security Professionals and DBAs of Zero Day, Ransomware and Data Breach attacks within milli-seconds

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

Aptible

Aptible

Aptible is a Platform as a Service (PaaS) that gives startups everything developers need to launch and scale apps and databases that are secure, reliable, and compliant.

ioXt Alliance

ioXt Alliance

The ioXt Alliance is a group of manufacturers, industry alliances and government organizations dedicated to harmonizing best security practices in a highly connected world.

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

Siege Technologies

Siege Technologies

Siege Technologies is a pioneer of multi-purpose cybersecurity products and services that enable customers to leverage both offensive and defensive technologies.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.

DataTrails

DataTrails

DataTrails enables organizations to prove and verify the provenance and authenticity of any data they use in their business operations.

Sherweb

Sherweb

Sherweb are a marketplace of leading cloud solutions and value-added services delivered by a team of passionate experts invested in MSP growth.

Nexsan

Nexsan

Nexsan offers versatile and robust data storage solutions tailored to adapt seamlessly across a diverse range of sectors, ensuring reliable performance for critical data management.

ThreatMon

ThreatMon

Gain insights into emerging threats with real-time data and AI-driven analysis to stay ahead of cyber risks. Detect, analyze, and respond to threats before they happen.