Russian Businessman Found Guilty in $90 Million Hack-to-Trade Conspiracy

BOSTON – A Russian businessman was convicted today by a federal jury in Boston for his involvement in an elaborate scheme that netted $90 million through securities trades based on non-public information stolen from U.S. computer networks.

Vladislav Klyushin, a/k/a “Vladislav Kliushin,” 42, of Moscow, Russia, was convicted following a 10-day jury trial of conspiring to obtain unauthorized access to computers, and to commit wire fraud and to commit securities fraud, and with substantive counts of obtaining unauthorized access to computers, wire fraud and securities fraud. U.S. District Court Judge Patti B. Saris scheduled sentencing for May 4, 2023. Klyushin was arrested in Sion, Switzerland in March 2021 and extradited to the United States in December 2021 to face federal charges in Boston. 

Klyushin was charged along with two Russian co-conspirators: Ivan Ermakov and Nikolai Rumiantcev. Two others, Mikhail Vladimirovich Irzak and Igor Sergeevich Sladkov, were charged in a separate indictment. All four co-conspirators remain at large. In October 2018, Ermakov was also charged in federal court in Pittsburgh in connection with his alleged role in hacking and related disinformation operations targeting international anti-doping agencies, sporting federations, and anti-doping officials.

“The jury saw Mr. Klyushin for exactly what he is – a cybercriminal and a cheat. He repeatedly gamed the system and finally got caught. Now he is a convicted felon. For nearly three years, he and his co-conspirators repeatedly hacked into U.S. computer networks to obtain tomorrow’s headlines today. They used that nonpublic information to trade illegally in the shares of hundreds of publicly traded companies. He had the answer key and reaped enormous financial gains with stolen inside information. Mr. Klyushin compromised the integrity of our securities markets and cheated individual investors and pension funds,” said United States Attorney Rachael S. Rollins. “This case demonstrates the Department of Justice’s commitment to protecting our financial markets and computer networks by aggressively pursuing those who seek to profit unfairly through intrusive cyber-attacks. My office and our law enforcement partners will continue our work to identify, prosecute and hold accountable criminals like Klyushin regardless of where they reside or the manner in which they try to conceal their illegal activities. Cybercriminals be warned: we will use every tool at our disposal to track you down and you will end up as a defendant in a courtroom.”

“Today’s verdict proves Vladislav Klyushin used various illegal and malicious means to hack into computer systems with the goal of obtaining insider information to gain tens of millions of dollars in illegal profits,” said Joseph R. Bonavolonta, Special Agent in Charge of the Federal Bureau of Investigation, Boston Division. “The FBI will not stand idly by and allow criminals like him to meddle in our financial systems or marketplace at the expense of American investors. We will aggressively investigate anyone who attacks the integrity of our country’s computer networks and capital markets and bring their criminal conduct to a halt.”

    Klyushin, Ermakov and Rumiantcev worked at M-13, a Moscow-based information technology company that Klyushin owns. M-13 offered penetration testing and “Advanced Persistent Threat (APT) emulation,” – both services that seek exploitable vulnerabilities in a computer system via hacking techniques, purportedly for defensive purposes. M-13’s website indicated that the company’s “IT solutions” were used by “the Administration of the President of the Russian Federation, the Government of the Russian Federation, federal ministries and departments, regional state executive bodies, commercial companies and public organizations.” In addition to these services, Klyushin invested the money of several investors in his hack-to-trade scheme, and took a 60 percent cut of their profits.

Trial evidence showed that, between at least in or about January 2018 and September 2020, Klyushin, Ermakov, Irzak, Sladkov and Rumiantcev conspired to use stolen earnings information to trade in the securities of companies that are publicly traded on U.S. national securities exchanges, including the NASDAQ and the NYSE, in advance of public earnings announcements. Using the same malicious hacking techniques M-13 advertised to customers, Klyushin and his co-conspirators obtained inside information by hacking into the computer networks of two U.S.-based filing agents that publicly-traded companies used to make quarterly and annual filings through the U.S. Securities and Exchange Commission (SEC). Specifically, Klyushin and his co-conspirators deployed malicious infrastructure capable of harvesting and stealing employees’ login information and used proxy (or intermediary) computer networks outside of Russia to conceal the origins of their activities. With this access, Klyushin and his co-conspirators viewed and downloaded material non-public information, such as quarterly and annual earnings reports that had not yet been filed with the SEC or disclosed to the general public, for hundreds of companies – including Capstead Mortgage Corp., Tesla, Inc., SS&C Technologies, Roku and Snap, Inc.  Many of the illegally obtained earnings reports were downloaded through a computer server located in downtown Boston.

Armed with this information before it was disclosed to the public, Klyushin and his co-conspirators knew ahead of time, among other things, whether a company’s financial performance would meet, exceed or fall short of market expectations – and thus whether its share price would likely rise or fall following the public earnings announcement. Klyushin then traded based on that stolen information in brokerage accounts held in his own name and in the names of others. Klyushin and his co-conspirators also distributed their trading across accounts they opened at banks and brokerages in several countries, including Cyprus, Denmark, Portugal, Russia and the United States, and misled brokerage firms about the nature of their trading activities. 

Evidence presented at trial demonstrated that the times in which the filing agents were hacked corresponded with the times in which Klyushin and his co-conspirators made profitable trades. Additionally, of the more than 2,000 earnings events around which Klyushin and his co-conspirators traded between January 2018 and September 2020, more than 97 percent were filed with the SEC by the victim filing agents. Testimony at trial indicated that the odds of this trading pattern occurring in the absence of a relationship between the trading and the identity of the filing agent was less than one in a trillion.  

In total, Klyushin and his co-conspirators earned close to $100 million in earnings trading from roughly $9 million in investments using inside information, even as they lost close to $10 million in non-earnings trading – representing a return of more than 900 percent during a period in which the broader stock market returned just over 25 percent. Of that amount, Klyushin individually netted more than $38 million, including nearly $23 million on his personal trading and trading for his company, in addition to more than $13 million on the money he invested for others.

The charge of conspiracy to obtain unauthorized access to computers, and to commit wire fraud and to commit securities fraud provides for a sentence of up to five years in prison, three years of supervised release and a fine of $250,000 fine, or twice or the gross gain or loss. The charge of unauthorized access to computers provides for a sentence of up to five years in prison, three years of supervised release and a fine of $250,000, or twice the gross gain or loss. The charges of securities fraud and wire fraud each provide for a sentence of up to 20 years in prison, three years of supervised release and a fine of $250,000, or twice the gross gain or loss. Each of the charges also provide for restitution and forfeiture upon conviction. Sentences are imposed by a federal district court judge based upon the U.S. Sentencing Guidelines and statutes which govern the determination of a sentence in a criminal case.

U.S. Attorney Rollins and FBI SAC Bonavolonta made the announcement today. The SEC, the Justice Department’s Office of International Affairs, the Swiss Federal Office of Justice, the Valais and Zurich Cantonal Police authorities, the Federal Bureau of Investigation’s Washington Field Office and the victim filing agents provided valuable assistance to the investigation. Stephen E. Frank and Seth B. Kosto, Chief and Deputy Chief respectively, of Rollins’ Securities, Financial & Cyber Fraud Unit are prosecuting the case.