The Massachusetts U.S. Attorney’s Office on Monday announced the extradition of Vladislav Klyushin, a Kremlin-linked Russian business executive charged with hacking into U.S. computer networks and committing securities fraud by trading in financial data. not disclosed.
Klyushin, 41, a resident of Moscow, Russia, was arrested in Sion, Switzerland, on March 21, 2021, would have stepping off his private jet while on vacation with his family. The following month, Russia requested that he be sent home, and nearly two weeks later the United States requested that he be returned to America for trial. The Swiss rejected Russia’s request as incompatible with its laws and eventually agreed to the US request.
On Monday, the Ministry of Justice unsealed charges against Klyushin ahead of his scheduled court appearance. Federal authorities charge him with conspiring to gain unauthorized access to computers and committing wire and credential fraud, and obtaining unauthorized access to computers, then committing fraud by wire and on titles.
Klyushin, also spelled “Kliushin”, said in the government complaint [PDF] being the owner of the penetration testing company M-13, is one of five co-defendants. The others, still at large, are: Ivan Ermakov, 35, from Moscow, a former officer of the General Russian Intelligence Directorate (GRU); Nikolai Rumiantcev, 33, from Moscow; Mikhail Vladimirovich Irzak, 43, from St. Petersburg, Russia; and Igor Sergeevich Sladkov, 42, from St. Petersburg.
Ermakov, also spelled “Yermakov”, is one of seven suspected GRU agents commissioned by the Ministry of Justice in October 2018, with hacking, wire fraud, aggravated identity theft and money laundering linked to the 2016 US election and disinformation operations targeting sports and anti-doping organizations.
M-13, according to the U.S. government’s complaint, provided computer and media monitoring services, cybersecurity consulting and penetration testing, and claimed prominent Russian government officials and agencies as clients. The firm also reportedly offered investment management in exchange for 60% of investors’ profits – an unattractive rate unless extraordinary profits were assured.
From approximately January 2018 to September 2020, Klyushin, Ermakov and Rumiantcev allegedly conspired with others to gain access to the computer networks of two US companies licensed to file electronic documents with the SEC on behalf of corporate clients. The defendants allegedly used stolen employee credentials associated with the two companies’ networks of filing agents to access the financial information of hundreds of publicly traded companies prior to release.
“Armed with these reports, which contained material non-public information, the defendants further conspired to enrich themselves by trading in the securities of these companies,” the complaint states. “Through this scheme, the defendants earned tens of millions of dollars in illegal profits.”
Defendants allegedly bought the shares of companies reporting positive results and shorted the shares of those that planned to report negative results. They reportedly bought or sold shares of Snap, Cytornx Therapeutics, Horizon Therapeutics, Puma Biotechnology, Synaptics, Capstead Mortgage, SS&C Technologies, Roku, Avnet, and Tesla, among others.
Boiler room scam
The separate complaint against Irzak and Sladkov [PDF] describes similar nonpublic information transactions involving some of the aforementioned companies as well as others, including but not limited to: Grubhub, Patterson UTI-Energy, Ultra Clean Holdings, CNH Industrial NV, Getty Realty, Essendant, Tandem Diabetes Care, Kohl’s, Box, IBM and The Nielsen Company.
The scheme reportedly netted participants tens of millions of dollars. According to the affidavit of FBI agent BJ Kang [PDF]Irzak and Sladkov completed trades involving 149 companies prior to the earnings announcement and achieved a 66% success rate, accurately anticipating whether the related stock price would rise or fall.
The charges against Klyushin – the only one of the alleged conspirators currently in custody – carry potential maximum sentences, if convicted, of: five years for conspiracy to gain unauthorized access to a computer and commit wire fraud and securities fraud; five years for unauthorized access to a computer; and 20 years each for securities fraud and wire fraud. Per-count penalties also include up to three years of supervised release, potential fines of $250,000 or double gross gain/loss, and restitution and forfeiture provisions.
Following the Swiss court’s decision to send Klyushin to the United States and the rejection of Klyushin’s appeal, the Russian Foreign Ministry via Twitter last week expressed dissatisfaction with the legal proceedings.
“We are deeply disappointed by the decision issued in Switzerland on the extradition of Russian citizen Vladislav Klyushin to the United States,” the ministry said. noted last week, noting that the Swiss had rejected the Russian attorney general’s request to send Klyushin back to Russia and instead accepted “the highly questionable US allegations”. ®