An alleged Russian hacker who made the mistake of visiting Switzerland, where he was arrested, now faces federal charges in Boston that he was part of a ring that figured out how to read financial statements of publicly traded companies before they were released, letting them make stock trades that netted them tens of millions of dollars in profits.
Vladislav Dmitriyevich Klyushin, 41, of Moscow, was formally charged in US District Court here with conspiring to obtain unauthorized access to computers, and to commit wire fraud and securities fraud, and with obtaining unauthorized access to computers, wire fraud and securities fraud. Four other Russians, some already facing charges for conspiring to try to throw the 2016 presidential election, were also charged, but Klyushin is the only one who so far has managed to get himself arrested and handed over to American law enforcement to date.
The US Attorney's office says he was arrested in the small Swiss town of Sion in March, one day after the US Attorney's office here issued charges against him. He was extradited to the US last week, and the charges against him unsealed today.
Although it did not target Massachusetts companies, the ring did use an unnamed data center and VPN provider in Boston, according to an affidavit by an FBI agent on the case and the US Attorney's office.
According to the affidavit, the ring, operating as M-13, a purported Moscow IT firm, managed to install malware on the servers of at least two companies, or "filing agents," that specialize in transmitting quarterly financial forms from publicly held US companies to the Securities and Exchange Commission. The software got them login information for employees, and with that, they were able to download the financial data days or hours before they were released to the SEC and made public, which let them either buy or short the stocks of the companies before the news hit the markets, at least between 2018 and 2020, according to the affidavit.
The US Attorney's office adds:
For example, according to court documents, during a single two-week period between Oct. 22, 2018 and Nov. 6, 2018, Ermakov or another coconspirator gained unauthorized access into Filing Agent 2's computer network using IP addresses hosted at a data center located in Boston, and viewed or downloaded the non-public earnings-related files of several companies, including Capstead Mortgage Corp., Tesla, Inc., SS&C Technologies, and Nevro Corp. Thereafter—days before the companies' financial results were filed with the SEC and publicly disclosed—Klyushin and other co-conspirators allegedly placed profitable trades in the shares of those companies, buying shares of companies that were about to disclose positive financial results and selling short shares of companies that were about to disclose negative financial results. For example, on or about Oct. 24, 2018, before one company publicly disclosed positive quarterly earnings results, Klyushin or another coconspirator allegedly purchased its securities in Klyushin's brokerage account at a Russia-based brokerage firm. That same day, Klyushin allegedly sent a message to M-13 investors, Individuals 1 and 2, stating "Pay attention to shares of [the company] now and tomorrow after 16:30 and on how much they go up".
The most serious of the charges against Klyushin, securities fraud, carries a potential prison sentence of 20 years if he is convicted.