SEC charges the attackers behind the EDGAR hack in 2016
- Oleksandr Ieremenko and Artem Radchenko, from Ukraine, were said to be the main perpetrators.
- Apart from the two, the US Security and Exchanges Commission has also charged traders from California, Russia, and Ukraine.
On Tuesday, the US Security and Exchanges Commission (SEC) filed charges against ten persons related to a major hack that happened in 2016.
Ukranian nationals, Oleksandr Ieremenko and Artem Radchenko were the key people convicted in the attack. Authorities told media that the two attackers broke into the corporate filing system thereby stealing confidential information of many companies.
“The defendants charged in the indictment announced today engaged in a sophisticated hacking and insider trading scheme to cheat the securities markets and the investing public,” told US Attorney Craig Carpenito. Consequently, this information was passed to traders who banked this info to sell stocks.
In the press release put out by the Department of Justice (DOJ), it says that Radchenko, Ieremenko, and others conspired to gain unauthorized access to the computer networks of the SEC’s EDGAR system.
Filing system intrusion
SEC’s Electronic Data Gathering, Analysis, and Retrieval (EDGAR) system allows companies to make test filings in advance of a public filing. These test filings often contain information that is the same or similar to the information in the final filing. Radchenko and Ieremenko allegedly stole these test filings and distributed it to traders who used it to make profitable trading.
Apparently, EDGAR had a software vulnerability which the attackers exploited to gain unauthorized access. It is reported that a profit of around $270,000 was made the first day as a result.
Subsequent transactions amounted to 4.1 million for the next year until SEC realized the hack. SEC has said that EDGAR was patched after the attack.
Radchenko and Ieremenko are yet to be brought to court post this allegation. As of now, the charges stand pending.