It is being reported that hackers would gain knowledge of secret details of corporate deals in advance by breaking into newswires such as PRNewswire and Business Wire, for pre-public announcements of corporate mergers, and then work with stock traders to profit from the information in advance of any public announcement of the news.
According to media reports, the stolen information was then used by US-based traders to buy and sell shares in major companies including Boeing, Hewlett Packard and Oracle.
In all, more than $30 million worth of profit is said to have been made through the scheme.
Regular readers may note that this case has strong echoes with a FireEye report released earlier this year, that described how the Fin4 hacking gang was actively involved in manipulating high-level executives, attorneys and those who work with “black edge” trading information.
“Black edge” is reliable, rock solid information about a stock. As such, any criminal with access to “black edge” information about a company has the potential to make a huge amount of money.
I imagine that primary targets for any organised hacker/stock trader insider-trading would be healthcare and pharmaceutical companies, that are very sensitive to what is known as “catalyst events”.
The Fin4 gang used the same spearphishing tactics that we see used in many scams; however, what makes Fin4 special is that the group is very knowledgeable about how Wall Street works. They may possibly be native English speakers as well as Wall Street-trained, and the FireEye report speculated that Fin4 may be working with legitimate Wall Street entities.
It will be curious to see exactly what news comes out of Brooklyn today, and although a Reuters report pours some uncertainty as to whether the indictments are related to Fin4, one can’t help to wonder if there is some connection.
When the Fin4 gang was first revealed, it almost felt like the stuff of a Hollywood movie plot.
Now, it may be real.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.