Agency Offering $1 Million Rewards for Information on 2 Ukrainian Suspects
The U.S. Secret Service has published a Most Wanted Fugitives list featuring 10 suspects wanted in connection with financial cybercrimes.
The Secret Service is offering rewards of up to $1 million for information leading to the arrests of two suspects who allegedly targeted the U.S. Security and Exchange Commission’s EDGAR system server in 2016. EDGAR – which stands for Electronic Data Gathering, Analysis, and Retrieval – is the SEC’s electronic filing repository for company data, including future announcements and corporate financial records.
The two suspects, Ukrainian citizens Artem Viacheslavovich Radchenko and Oleksandr Vitalyevich Ieremenko, were indicted in 2019 on federal criminal charges (see: $1 Million Rewards Offered for Help in Finding SEC Hackers).
The publishing of the Most Wanted Fugitive list, which is similar to the FBI’s Most Wanted List, comes as the Secret Service has been increasingly involved in pursuing and investigating cyber-related financial crimes. In July 2020, the agency announced its Cyber Fraud Task Force, which combined agents and resources from the Electronic Crimes Task Forces and Financial Crimes Task Forces.
Originally part of the U.S. Treasury Department, the Secret Service was moved under the oversight of the Department of Homeland Security after the Sept. 11, 2001, terrorist attacks. But the agency continues to investigate financial-related crimes and is increasingly called on to investigate cybercrime and other types of fraud.
For example, the Secret Service has been investigating wide-scale fraud involving the theft of millions of dollars in federal unemployment benefits that were earmarked for Americans who lost their jobs during the COVID-19 crisis, according to a New York Times report.
“The U.S. Secret Service is uniquely authorized to investigate complex cyber-enabled financial crimes, and participates in the large network of partners within the global law enforcement community to accomplish this mission,” an agency spokesperson tells Information Security Media Group. “The Secret Service additionally welcomes the public’s participation to ensure that those who threaten the nation’s financial infrastructure, domestically or abroad, are identified and brought to justice.”
Over the last several months, ransomware attacks, including those against Colonial Pipeline Co. and meat processor JBS, have drawn attention to how illegal financial transactions and unregulated cryptocurrency help facilitate these activities.
A report published in April by the Institute for Security and Technology’s Ransomware Task Force offered dozens of recommendations to help curb ransomware activity. It recommends, for example, developing new regulations designed to better track and regulate the markets for bitcoin and other cryptocurrencies – the favorite form of payment for cybercriminal organizations and their affiliates (see: Fighting Ransomware: A Call for Cryptocurrency Regulation).
The new Most Wanted Fugitive list helps to highlight that part of the Secret Service’s mission is to protect the U.S. financial sector and investigate cyber-related crimes that affect the U.S. financial system, says Tom Kellermann, the head of cybersecurity strategy for VMware and a member of the Cyber Investigations Advisory Board for the U.S. Secret Service.
“These criminals represent a selection of untouchable cybercriminals – most of which enjoy a protection racket from specific regimes,” Kellermann says, noting that many of the suspects listed appear to be living in other nations.
The Most Wanted Fugitive List offers details on 10 suspects in financial-related cybercrimes, including fraud. The list includes:
Artem Radchenko and Oleksandr Ieremenko: Federal prosecutors and the SEC allege that Radchenko and Ieremenko participated in the hacking of the EDGAR system in 2016 to steal nonpublic corporate information. A group of stock traders and companies later used this information to illegally earn $4.1 million through insider trading, according to the indictment. A news report from The Verge says Ieremenko fled to Russia.
Roman Sergeevich Kotov: From August 2005 to July 2012, Kotov and other co-conspirators allegedly ran a large-scale operation that targeted payment processing companies, retailers and financial institutions, resulting in the theft of 160 million credit card numbers. The financial losses total more than $300 million, according to the Secret Service.
Rashawd Lamar Tulloch: In 2019, a federal grand jury indicted Tulloch for his alleged role in laundering money for a Romanian-based cybercriminal gang that defrauded U.S. victims through online auction fraud.
Danil Potekhin and Dmitrii Vadimovich Karasavidi: From June 2017 to April 2018, Potekhin and Karasavidi allegedly ran a large-scale phishing campaign that targeted users of multiple digital currency exchanges to steal credentials. The Secret Service believes that the two stole more than $17 million through this scheme.
Farkhad Rauf Ogly Manokhin: In 2015, a federal grand jury indicted Manokhin on charges of operating a money laundering network that facilitated cash transfers on behalf of a Russia-based malware development organization. In 2017, he was arrested in Sri Lanka but escaped custody before being extradited to the U.S.
Ahmed Yassine Abdelghani and Allan Esteban Hidalgo Jimenez: In 2013, federal prosecutors unsealed an indictment against Liberty Reserve, a company that allegedly operated as a digital currency service and criminal bank payment processor designed to help users conduct illegal transactions anonymously and launder the proceeds of their crimes. The company and some of its employees allegedly laundered about $6 billion in criminal proceeds. Abdelghani, who allegedly managed the daily operations of Liberty Reserve between approximately 2006 and 2009, has also been indicted for conspiracy to commit money laundering and other charges. Jimenez, who allegedly ran the daily operation of Liberty in 2010, is also charged with conspiracy to commit money laundering.
Pavel Pavlovich Dubovoy: In 2010, a federal grand jury indicted Dubovoy and other co-conspirators for allegedly hacking the networks of Marketwire, PR Newswire and Business Wire to steal confidential financial information from various companies and then conducting stock trades before the data was released to the public. Prosecutors believe the scheme resulted in $30 million worth of illegal stock trades.