friends in high places — Who are the two major hackers Russia just received in a prisoner swap? Both men committed major financial crimesand had powerful friends.
Nate Anderson – Aug 2, 2024 12:14 am UTC EnlargeGetty Images reader comments 45
As part of todays blockbuster prisoner swap between the US and Russia, which freed the journalist Evan Gershkovich and several Russian opposition figures, Russia received in return a motley collection of serious criminals, including an assassin who had executed an enemy of the Russian state in the middle of Berlin.
But the Russians also got two hackers, Vladislav Klyushin and Roman Seleznev, each of whom had been convicted of major financial crimes in the US. The US government said that Klyushin stands convicted of the most significant hacking and trading scheme in American history, and one of the largest insider trading schemes ever prosecuted. As for Seleznev, federal prosecutors said that he has harmed more victims and caused more financial loss than perhaps any other defendant that has appeared before the court.
What sort of hacker do you have to be to attract the interest of the Russian state in prisoner swaps like these? Clearly, it helps to have hacked widely and caused major damage to Russias enemies. By bringing these two men home, Russian leadership is sending a clear message to domestic hackers: Weve got your back.
But it also helps to have political connections. To learn more about both men and their exploits, we read through court documents, letters, and government filings to shed a little more light on their crimes, connections, and family backgrounds. Vladislav Klyushin
In court filings, Vladislav Klyushin claimed to be a stand-up guy, the kind of person who paid for acquaintances medical bills and local monastery repairs. He showed, various letters from friends suggested, extraordinary compassion, generosity, and civic and charitable commitment.
According to the US government, though, Klyushin made tens of millions of dollars betting for and against (shorting) US companies by using hacked, nonpublic information to make stock trades. He was arrested in 2021 after arriving in Switzerland on a private jet but before he could get into the helicopter that would have taken him to a planned Alps ski vacation.
Klyushin never met his father, he said, a man who drank excessively and then was killed during a car theft gone bad when Klyushin was 14. Klyushins mother was only 19 when she had him, and the family occasionally had limited food and clothing. Klyushin tried to help out by joining the workforce at 13, but he managed to graduate high school, college, and even graduate school, ending up with a doctorate.
After various jobs, including a stint at the Moscow State Linguistic University, Klyushin took a job at M-13, a Moscow IT company that did penetration testing and Advanced Persistent Threat emulationthat is, M-13 could be hired to act just like a group of hackers, probing corporate or government cybersecurity. Oddly enough for an infosec company, M-13 also offered investment advice; give them your money and fantastic returns were promised, with M-13 keeping 60 percent of any profits it made.
This was not mere puffery, either. According to the US government, the M-13 team had an improbable win rate of 68 percent on its stock trades, and it generated phenomenal, eight-figure returns, turning $9 million into $100 million (a return of more than 900 percent during a period in which the broader stock market returned just over 25 percent, said the government).
But Klyushin and his associates were not stock-picking wizards. Instead, they had begun hacking Donnelly Financial and Toppan Merrill, two filing agents that many large companies use to submit quarterly and annual earning reports to the Securities and Exchange Commission. These reports were uploaded to the filing agents systems several days before their public release. All the M-13 team had to do was liberate the files early, read through them, and buy up stocks of companies that had overperformed while shorting stocks of companies that had underperformed. When the reports went public a few days later and the markets responded to them, the M-13 team made huge returns. Klyushin himself earned several tens of millions of dollars between 2018 and 2020.
To avoid consequences for this flagrantly illegal behavior, all Klyushin had to do was stay in Russiaor, at least, not visit or transit through a country that might extradite him to the USand he could keep buying up yachts, cars, and real estate. Thats because Russiaalong with China and Iran, the largest three sources of hackers who attack US targetsdoesnt do much to stop attacks directed against US interests. As the US government notes, none of these governments respond to grand jury subpoenas and rarely if ever provide the kinds of forensic information that helps to identify cybercriminals. Nor do they extradite their nationals, leaving the government to rely on the chance that an indicted defendant will travel.
But when you have tens of millions of dollars, you often want to spend it abroad, so Klyushin did traveland got nabbed upon his arrival in Switzerland. He was extradited to the US in 2021, was found guilty at trial, and was sentenced to nine years in prison and the forfeiture of $34 million. It is unclear if the US government was able to get its hands on any of that money, which was stashed in bank accounts around the world.
Klyushins fellow conspirators have wisely stayed in Russia, so with his release as part of todays prisoner swap, all are likely to enjoy their ill-gotten gains without further consequence. One of Klyushin’s colleagues at M-13, Ivan Ermakov, is said to be a former Russian military intelligence officer who used to run disinformation programs targeting international anti-doping agencies, sporting federations, and anti-doping officials. Page: 1 2 Next → reader comments 45 Nate Anderson Nate is the deputy editor at Ars Technica. His most recent book is In Emergency, Break Glass: What Nietzsche Can Teach Us About Joyful Living in a Tech-Saturated World, which is much funnier than it sounds. Advertisement Channel Ars Technica ← Previous story Next story → Related Stories Today on Ars