Criminals hack into public firms then commit insider trading violations
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.
December 1, 2014
If you always thought that insider trading was committed by CEOs, CFOs, stock brokers or other white collar Wall Street workers, think again.
Insider trading is now the domain of hackers. A group of sophistated criminals have broken into more than one-hundred publicly traded companies and stolen extremely sensitive corporate information, according to a report by cybersecurity firm FireEye.
These highly knowledgeable hackers uncovered billion-dollar merger discussions that were in progress, secret product development projects that could have led to valuable patents and potential legal cases, which would give them a huge advantage over the rest of the public when trading the stocks of those listed companies.
Approximately 68.4 percent of the group's targets were in the health care and pharmaceutical industries. All but three of the targeted companies are listed on the New York Stock Exchange or Nasdaq.
The kind of sensitive information the cybercriminals stole was only valuable if used to invest in the stock of those companies, said Dan McWhorter, FireEye's head of threat intelligence.
This is the first time hackers have been caught systematically spying on companies in order to bet on Wall Street companies, he noted.
Unlike most organized cybercrime syndicates that attack U.S. corporations, this group is comprised of native English speakers from North America or Western Europe, according to FireEye.
They are also extremely knowledgeable about finance, Wall Street parlance and the specific industries they targeted. That's why FireEye nicknamed the group "Fin4."
And Fin4 has been extremely difficult to track. The hacking group doesn't use any malware, which can sometimes be traced as a kind of cybercriminal calling card. Instead, Fin4 goes after employees of the companies they are targeting with phishing scams.
The hackers fool corporate staff into typing their usernames and passwords into fake login pages, and then they use those credentials to snoop inside a company's network.
FireEye, which contracts with many of the companies that got hacked, would not name the targeted corporations, however.
The cybersecurity company said it did not know whether the Fin4 hackers benefited financially from the attacks.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!