Hack To Trade Conspiracy With Vladislav Klyushin – Act 1: M-13

Join us to hear the “Hack To Trade” conspiracy between Vladislav Klyushin, Ivan Ermakov, and Nikolai Rumiantcev at a Russian cybersecurity firm named M-13. Fun fact, Ermakov was also indicted for meddling in the 2016 United States elections. This is eCrimeBytes.com Season 2 Episode 12 Act 1: Hack To Trade Conspiracy With Vladislav Klyushin – Act 1: M-13.

Transcript:

00:00:10:03 – 00:00:38:16
Keith
Hey, welcome to eCrimeBytes. This is season two, episode 12. This is hack to trade conspiracy with Vladislav Klyushin. And let’s just I’m going to try to make this easy on our listeners because I try with these names and I’m going to murder the names and they’re all Russian names. I’m just going to call them Vlad from now on, unless there’s any disputes here from Seth, I think that will just be easier on everybody than trying to hear me murder it every time.

00:00:38:16 – 00:00:41:21
Keith
This case is,

00:00:41:21 – 00:01:00:20
Keith
the technology and it isn’t anything new that we’ve talked about in previous episodes. The two main concepts you’re going to hear in this case, the first one is going to be exploits. And we talked about this. I want to say it was an episode or two ago where, oh, it was the Razzlekhan’s husband Dutch.

00:01:00:22 – 00:01:21:25
Keith
He exploited the Bitfinex servers and in that particular case you find some vulnerabilities and then you run these exploits and it exploits those vulnerabilities and then you gain some kind of access to that victim’s system that you’re trying to get into. Same thing. It all applies here. It’s just different victims and different criminals. But the exploits, that’s all

00:01:21:25 – 00:01:24:03
Keith
exactly the same. It works exactly the same.

00:01:24:03 – 00:01:53:17
Keith
Now, this is the part and this is this is the reason why I pick this case. I like to see the different methods that criminals will monetize the way that they do their electronic crimes. Meaning if somebody breaks into a nonprofit right, and they don’t have access to credit card numbers and a bunch of information you might have in a corporation, you got to think, well, what you know, what kind of monetary value could they get out of that, right? In a nonprofit might be difficult.

00:01:53:19 – 00:02:06:11
Keith
Now, in the entities that we’re talking about in this episode, we’re talking about commercial entities, but specifically, we’re talking about publicly traded commercial entities. So

00:02:06:11 – 00:02:20:19
Keith
where prior episodes and a lot of news that you see with hacks target things like credit card theft, this one is going to use stock trading and insider secrets that are gained through the hack in order to make a bunch of money.

00:02:20:22 – 00:02:40:24
Keith
And I thought that was just the most interesting facet of this whole case. And that’s what this kind of hinges upon. Now, the crime in here, they charge them with unauthorized access to computers and wire and securities fraud, which kind of makes sense with stock trading and breaking into computers. We have three criminals. All three of them are Russian.

00:02:40:26 – 00:02:46:28
Keith
Only one of them is physically in the U.S. at times. And we’ll talk about why that’s important here in a minute.

00:02:46:28 – 00:03:07:26
Keith
The victims, well I just put society in general here because, you know, we all kind of lose when somebody uses insider information and tries to trade on it. Everybody on the stock market loses at that point. And specifically the victims are these securities filing agencies I’m going to talk about in a minute.

00:03:07:26 – 00:03:25:28
Keith
It’s a little bit of background in this case. So with that this week, it’s going to be a little shorter than our other weeks. We only have three acts. We have act number one, and this is called M13, and this is the name of the company these three individuals work for. Act two, which is Tuesday. That’s going to be the scheme.

00:03:25:28 – 00:03:44:01
Keith
And we’re going to talk all through what they did and then Act three, which is going to be Wednesday. It’s going to be the punishment. So we’re going to have a we’re gonna have three acts this week. Next week. I warn you, we have five acts. So I tried to balance them out that way by giving you a shorter case this week and a little bit of a longer case next week.

00:03:44:04 – 00:04:01:12
Keith
Next week is bananas, by the way. It’s a cyberstalking case that I would say rivals Jason Leidel. It’s crazy. But this week we’re going to start in Act One and we’re going to tell you a little bit about this company named M 13. And if you’re

00:04:01:12 – 00:04:11:01
Keith
listening to this rather than watching this so you can’t see it, it’s just it’s just the letter M, Dash 13, that’s the that’s the name of this company.

00:04:11:03 – 00:04:22:12
Keith
And it looks very military ish when you see it written different places. So a little bit of background I have to give you this episode for you to understand what it is we’re going to talk about.

00:04:22:12 – 00:04:32:00
Keith
And this is more for the crowd that doesn’t deal with publicly traded companies because almost all the background is publicly traded company requirements.

00:04:32:02 – 00:04:58:24
Keith
So if you’re a publicly traded company, there’s a lot of requirements that if you were just a normal everyday mom and pop business, you wouldn’t have to deal with. So a publicly traded companies, you’re required to file things like quarterly, public, financial reports saying, I spent this much money on this category and I brought in this much money through sales and, you know, all that kind of stuff.

00:04:58:24 – 00:05:02:28
Keith
It goes into a report that everybody can see because it’s a publicly traded company.

00:05:02:28 – 00:05:10:13
Keith
They’re also required to file periodic current reports. This means reports that would be

00:05:10:13 – 00:05:22:28
Keith
material to shareholders. So if it’s a report that says there’s like a change in leadership or something big, that would probably change the share price. It would fall into this requirement of reporting to the public.

00:05:22:28 – 00:05:44:13
Keith
Now, how does this happen on a technical aspect? This is what we care about in the eCrimeBytes portion. So a publicly traded company, they don’t they don’t really do the filing themselves. They they make the data and they put it into a report and then they give this report, which is an electronic report. Think of like a sort of a glorified Microsoft Word document.

00:05:44:13 – 00:06:00:11
Keith
Right. And they give it to this thing called a filing agency and a filing agency, their purpose is to take this data and then give it to the SEC and make it publicly available and meet those reporting requirements that I just talked about.

00:06:00:11 – 00:06:06:23
Keith
So you can imagine there’s a point in time where if Seth had a publicly traded company and he

00:06:06:23 – 00:06:15:08
Keith
put together all the financials for his quarterly report and it was three weeks out from when it has to be reported, which, you know, the date that they come out.

00:06:15:08 – 00:06:26:28
Keith
I mean, all these big companies, you know the day that the quarterly finals are the quarterlies and the finals are coming out. So you can imagine they get completed way ahead of time, probably weeks, maybe even a month or so ahead of time.

00:06:26:28 – 00:06:42:24
Keith
Now, it’s going to sit there at the filing agency. And that’s a gold nugget for an attacker, because if they can get this information, it’s at the point where it’s not public, but it’s true information.

00:06:42:24 – 00:06:56:07
Keith
So, you know, it’s going to change the stock price and then you can go to town and and figure out how much money you want to put the stock market, because you’ve almost got a sure thing at this point if you have this information. All right.

00:06:56:07 – 00:07:02:29
Keith
So there’s this company out there called M13. They’re an information technology company and they’re in Moscow, Russia.

00:07:03:02 – 00:07:30:08
Keith
Okay. I looked them up and it says IT and media monitoring services, which is very generic. They say it includes social media, cybersecurity consulting and penetration testing. And the children in our audience laugh like me in their head. That’s just where you attack a network to see what vulnerabilities it has in order to use these exploits that I talked about earlier against it.

00:07:30:13 – 00:07:59:18
Keith
So it’s just a security assessment in the physical world. It may be somebody coming to your building and looking at all the physical locks. It’s sort of the same thing. But for computers, they also offer this thing called advanced persistent threat APT emulation. And what this is, is like an attacker that really wants to target your enterprise. And it’s going to go to all lengths to try to break into your enterprise and keep it themselves in your enterprise once they’ve broken into it.

00:07:59:18 – 00:08:18:19
Keith
So in a nutshell, M13, you can think of them as they find vulnerabilities before adversaries do. Okay, at least that’s on paper. Now, Vlad, he is the first deputy general director of M13, and sometimes he’s claimed to be owner of the company as well.

00:08:18:19 – 00:08:25:01
Keith
He Vlad is the focus of this episode. Also sidetrack he’s a father of five.

00:08:25:01 – 00:08:43:15
Keith
And I thought, holy fucking God, that must be very hard because I have three. And that was hard enough, so I couldn’t imagine add two to that mix. So Vlad has a friend named Ivan Ermakov and we’ve got AKAs and I’m not sure if it’s because they use a different spelling in English or if it’s legit

00:08:43:20 – 00:08:52:23
Keith
them trying to use a different persona, but he has an AKA of Ivan Yermakov, starting with a Y instead of a E.

00:08:52:23 – 00:09:06:04
Keith
So Ivan, he was deputy general director of M13, also former FSB, which is sort of like the Russian CIA. Now, the third individual, Nikolai

00:09:06:04 – 00:09:15:12
Keith
Rumiantcev, and he has an AKA of Nikolai Rumyantsev, and it’s got a Y in there instead of an I.

00:09:15:14 – 00:09:39:04
Keith
He was also a deputy general director of M13. And so I got some pictures here of just Vlad, actually. So this is one picture that showed up in the DOJ paperwork and I guess they gave it to Reuters and I got it through Reuters, so I got it on there. This looks like some kind of a vacationing type of photo, but there’s this other government exhibit here.

00:09:39:06 – 00:10:00:24
Keith
This is this passport. So the important stuff is blanked out in there. You know, you don’t see his, I guess, ID numbers and so forth. But this is his legit Russian passport and that’s the one I use for a thumbnail on YouTube, if you’re looking at the video version. And this is another picture of him through Reuters, again through U.S. DOJ.

00:10:00:24 – 00:10:22:29
Seth
So a couple of things here. One, I actually have a friend of mine who has a business that does one of the things that M13 claims to do, which is it? They scrape social media metadata and they try to, I guess, put it through an algorithm to try to help. And they sell that data right to various investment companies in an effort to, I guess, help them make better stock picks.

00:10:22:29 – 00:10:27:04
Seth
Really. Right. Somebody like sneakers, you know, maybe they’ll they’ll invest in a

00:10:27:04 – 00:10:58:07
Seth
you know, in Nike or whatever. So I have seen that before. Now, what’s interesting here, though, is they’re claiming to do that kind of work and I guess they kind of went to the dark side here. I just find that very interesting. Okay. Let’s talk about some fun facts about Mr. Ermakov’s background. In July of 2018, a federal grand jury in Washington D.C. indicted him in connection with his alleged role in a scheme to interfere with the 2016 U.S. elections by way of computer hacking.

00:10:58:09 – 00:11:27:18
Seth
In October 2018, Ermakov was also charged by a federal grand jury in Pittsburgh in connection with his alleged role in hacking and related disinformation operations targeting international anti-doping agencies, sporting federations and anti-doping officials. So this guy has absolutely got a background in using computers to commit fraud and other crimes. Now, from M13 investment perspective. So they claim to also offer investment management services.

00:11:27:24 – 00:11:40:29
Seth
So you might be wondering. Well, wait a second. Wait a second. How are they able to give any kind of sound financial advice as a cybersecurity company? They also claim that they can give services

00:11:40:29 – 00:11:49:18
Seth
for up to 60% of the profits. So, Jonesy, reading the same way I am, which is saying, Hey, if we make you 100 bucks, we take $60 out of it.

00:11:49:18 – 00:11:51:27
Seth
Is that what you’re. Well, you’re reading that also.

00:11:52:00 – 00:12:02:18
Keith
Yes, it I read this as you’re just basically our money mule. At that point, you give us money, we invest it, we take most of it. You get 40% back.

00:12:02:21 – 00:12:15:10
Seth
Yeah. I mean, I guess in one perspective that’s like, that’s pretty good. It’s way more than you get from a bank. But the other side of it is if you’re investing money, you could also lose it. Anyway, I found it interesting.

00:12:15:10 – 00:12:38:18
Keith
Yep. And with that we gave you all the background and we’re going to make you come back tomorrow because we’re going to get right into the scheme because we left you with a question, right? How does a cybersecurity company legitimately say, Hey, we’re now an investment firm too? We do both. We do cybersecurity assessments and we take care of your money, which is just a very incredibly weird combination you just don’t see.

00:12:38:21 – 00:12:56:18
Keith
I’ve never seen it in America. So that should ring some red flags right there. And we’re going to tell you why the red flags are true in Act two, which is called the scheme. So there’s anything you liked in this episode? Please give us a thumbs up. Give us a like. Give us a follow. Give us a subscribe whatever application you’re on.

00:12:56:21 – 00:13:17:02
Keith
If you’re on Apple Podcasts, please give us five stars and tell us what episode, what episode’s your favorite. And if you haven’t been to our website, do visit that. It’s just eCrimeBytes dot com. Bytes spelled the computer way y as in yellow milk and Seth and I hope to see you back tomorrow and we will get right into the scheme.

00:13:17:02 – 00:13:21:21
Keith
And this is where things get really interesting. Thanks. See ya then.
