Sabodakh Igor

2020: Payment of 148 thousand for cracking of the IT system of SEC

On April 9, 2020 the U.S. Securities and Exchange Commission announced conclusion of an agreement with the citizen of Ukraine Igor Sabodakhoy whom the regulator on an equal basis with some other hackers accused of cracking of the IT system.

Under the terms of the reached agreement, Sabodakh will pay compensation in the amount of $148 thousand. Other defendant — the resident of California David Kwon went to the similar transaction. To him, illegal trade in data which were stolen as a result of cracking of a system of disclosure of financial results of the companies was incriminated to Sabodakhe and seven more cybercriminals.

The Ukrainian hacker will pay $148 thousand for cracking of the American financial regulator

The cyber security is crucial for transactions in our market,  risks are high and in many cases arise systematically  — the head of the U.S. Securities and Exchange Commission Jay Clayton noted.

According to the statement of SEC, in May, 2016 hackers began to send e-mails with the infected files to the staff of the commission, issuing themselves for employees of security of the regulator. It allowed malefactors to get into a computer system of SEC and to steal information necessary for access.

Then they began to load "test" documents of the companies which those file that to check the access to a system. Frequent it is empty documents, but some companies send real financial results which are going to open. Hackers loaded such test documents on the server in Lithuania which was paid using bitcoins. Remained only to their accomplices quickly – occasionally less than for an hour – to open the corresponding positions on stocks of these companies. In total they used 157 such documents.

SEC detected cracking of the system in October, 2016 and eliminated its vulnerability. But some employees of the regulator, having learned about cyber attack, not at once guessed that unfair traders can be involved in it.^[1]

Notes