Securities Regulation Daily Securities charges in hacked press release case upheld on appeal
Tuesday, July 20, 2021

Securities charges in hacked press release case upheld on appeal

By Mark S. Nelson, J.D.

The case offers a glimpse into the intersection of securities fraud and computer hacking which, in this case, involved a global conspiracy that used a SQL injection to navigate to secured areas within several business wire services’ computer systems.

The Second Circuit upheld the convictions of Vladislav Khalupsky and Vitaly Korchevsky for accessing hacked corporate press releases and then trading the stocks of the companies whose press releases had been stolen. In reviewing the convictions, the court also concluded that: (1) the government's proof at trial did not constructively amend or prejudicially vary from the superseding indictment; (2) the district court did not abuse it discretion in its handling of a jury note presented to the court during deliberations regarding whether one of the defendants had received and traded on certain press releases; and (3) the district court's giving of a conscious avoidance jury instruction was not erroneous (US-v-Khalupsky, July 19, 2021, Walker, J.).

International conspiracy. According to the government, an intermediary provided the conduit between two stock traders and two groups of Ukraine-based hackers who were able to circumvent security measures at three wire services that stored corporate press releases prior to publication. The hackers and the intermediary provided the traders with access to a server housing the purloined press releases, which contained information about pending corporate announcements that were potentially market-moving. When the initial phase of the alleged conspiracy fell apart, a different hacker continued to provide access to the stolen press releases and the conspiracy continued, albeit with slightly different arrangements.

In both instances, however, the traders shared the illicit profits from their trading with the intermediary. Khalupsky made a net profit of $3.1 million from the illegal trading, while Korchevsky made a net profit of $15 million, a 1,660 percent return on investment. On appeal, Khalupsky and Korchevsky challenged, among other things, the sufficiency of the evidence against them and their securities fraud convictions.

Conspiracy charge. Korchevsky asserted on appeal that the conspiracy could not have reached him because he and Khalupsky acted separately from each other and the other members of the conspiracy. The court began by noting the highly deferential standard of review, which essentially is whether any rational trier of fact could find the elements of a crime beyond a reasonable doubt.

With this standard in mind, the court picked apart Korchevsky’s assertion that he did not participate in a conspiracy. The court explained that although the intermediary deliberately kept Khalupsky and Korchevsky in separate spheres to see which of them could generate the highest trading profits, this approach to running the conspiracy also benefitted the overarching, singular conspiracy. Thus, the court rejected the claim that there was insufficient evidence of a conspiracy.

SQL injection and securities charges. The court began its review of the securities counts brought under Exchange Act Section 10(b) by "dispatch[ing]" Korchevsky’s arguments regarding his lack of a fiduciary duty. Korchevsky had argued that there was no "scheme or artifice to defraud" because he owed no fiduciary duty to investors and that his deception did not target investors. For one, the court said that when a case involves trading by an outsider, rather than an insider, no fiduciary duty is required. Second, the court explained that deception need only track the requirement that there be deception in connection with the buying or selling of any security.

Next, the court addressed Korchevsky’s argument that the alleged computer hacking was not a "deceptive device or contrivance." The court explained that the evidence showed how Korchevsky and others benefitted from a SQL injection attack to gain access to employee login information at the wire services, which them enabled the conspirators to access secured areas of the wire services’ computer systems. Although the court refrained from characterizing the legal status of the SQL injection, the court did further explain that the use of employee logins to move laterally through the wire services’ computer systems amounted to Korchevsky and others misrepresenting themselves as authorized users of those computer systems. As a result, the court concluded that Korchevsky had engaged in illegal behavior that fell within the plain meaning of "deception."

Venue for securities charges. Korchevsky and Khalupsky also disputed that venue in the Eastern District of New York was proper. The court, however, considered three pieces of evidence as conclusive that venue was proper. First, the court noted evidence showing that at least 175 of Korchevsky’s and Khalupsky’s trades occurred in the Eastern District of New York. The court also concluded that evidence showed that one of Korchevsky’s trades used a clearing agent located within the Eastern District of New York. The court went on to observe that this evidence was sufficient regarding Khalupsky’s aiding and abetting of the scheme. Moreover, the acts that occurred within the Eastern District of New York involved securities violations and not merely acts in preparation to a securities violation.

Sidebar on securities fraud and hacking. The original indictment charged Khalupsky and Korchevsky with conspiracy to commit wire fraud, conspiracy to commit securities fraud, securities fraud, and money laundering conspiracy. A different grand jury later returned a superseding indictment that included the original charges plus a charge of computer intrusions as an object of the conspiracy to commit securities fraud.

Here, as the Second Circuit mentioned in the context of fiduciary duties, the illegal trading was engaged in by outsiders rather than insiders, but the case nevertheless provides a convenient jumping off point to briefly discuss how Congress may legislatively evolve the definition of insider trading to explicitly include computer hacking.

The Insider Trading Prohibition Act (H.R. 2655), sponsored by Rep. Jim Himes (D-Conn), would create a statutory definition of insider trading that is intended to clarify federal securities fraud liability in light of multiple decisions by the U.S. Court of Appeals for the Second Circuit and recent opinions by the U.S. Supreme Court that, in part, had reaffirmed the Supreme Court’s Dirks opinion and, in part, clarified the scope of the Second Circuit’s decisions (See Salman ).

Under the bill’s proposed standard, trading while aware of material, nonpublic information (MNPI) or communicating MNPI would be wrongful only if such acts fell into one of several categories: (1) theft, bribery, misrepresentation, or espionage; (2) the violation of federal laws regarding computer data, intellectual property, or computer privacy; (3) unauthorized and deceptive takings (e.g., conversion or misappropriation); or (4) breach of fiduciary duty.

Some of these categories relating to computer security could expand the types of acts that may result in insider trading liability to acts that may not currently be within the general antifraud authority of Exchange Act Section 10(b). Presumably, this would make it easier to bring charges against persons who engage in theft, computer hacking, and related offences. The Himes bill passed the House most recently by a vote of 350-75 (considered en bloc with other bills); a similar version of the Himes bill passed the House during the last Congress by a vote of 410-13.

The case is Nos. 19-197-cr and 19-780-cr.

Attorneys: Richard M. Tucker, U.S. Attorney's Office, for the U.S. Barry D. Leiwant (Federal Defenders of New York, Inc.) for Vladislav Khalupsky.

MainStory: TopStory CyberPrivacyFeed FiduciaryDuties Enforcement FedTracker Securities FraudManipulation GCNNews PublicCompanyReportingDisclosure RiskManagement ConnecticutNews NewYorkNews VermontNews

Back to Top

Interested in submitting an article?

Submit your information to us today!

Learn More

Securities Regulation Law Daily: Breaking legal news at your fingertips

Sign up today for your free trial to this daily reporting service created by attorneys, for attorneys. Stay up to date on securities regulation legal matters with same-day coverage of breaking news, court decisions, legislation, and regulatory activity with easy access through email or mobile app.