The Malta Independent 2 July 2025, Wednesday
View E-Paper

Updated (3): Maltese firm made US$25 million in hacking scheme, company denies allegations

Wednesday, 12 August 2015, 10:50 Last update: about 11 years ago

Maltese company Exante Ltd, whose offices are located at the Portomaso Tower, is alleged to have illicitly made US$24.5 million “ill-gotten gains”, in what American investigators are calling the biggest case of its kind ever prosecuted, and one that demonstrated yet another way in which the financial world is highly vulnerable to cybercrime.

A lawsuit filed by the US Security and Exchange Commission has named the Maltese company as one of 15 companies that received early embargoed company earnings reports from an international hacking scheme that allegedly raked in US$100 million between 2010 and 2015.

Although based and incorporated in Malta, Exante’s five directors are all Russian and Latvian, while its €13.6 million shareholding is owned by Russian and Latvian individuals as well as by companies based in the Cayman Islands and the British Virgin Islands.

According to a complaint filed by the SEC in the New Jersey District Court on Monday, Exante - which American investigators said “purports to be a Malta-based hedge fund” - holds proprietary trading accounts at Interactive Brokers and at Lek Securities, which were used in connection with the fraudulent scheme.

In all, American investigators say Exante itself raked in US$24.5 in “in ill-gotten gains” through trades over the platforms – accounting for almost a quarter of the entire scam.

In its complaint, the SEC explains that several of Exante's directors are also owners of co-defendant Global Hedge Capital Fund Ltd., and that the two entities share employees.

The SEC details how, “Exante and Global Hedge frequently made illicit trades in the same securities, on the same days and around the same time, and often through the same IP addresses.”

Global Hedge Capital Fund Ltd, meanwhile, according to the SEC, “purports to be a Cayman Islands-based hedge fund with its principal place of business in Moscow, Russian Federation.

“Several of its owners are directors of Exante and the two entities share employees. Global Hedge has a proprietary trading account at Interactive Brokers. In connection with the fraudulent scheme, Global Hedge executed unlawful trades in that account resulting in over $3.8 million in ill-gotten gains, often in the same securities, on the same days and close to the same times, and often through the same IP addresses as Exante.”

US authorities said that beginning in 2010 and continuing as recently as May, they gained access to more than 150,000 press releases that were about to be issued by Marketwired; PR Newswire in New York; and Business Wire of San Francisco. The press releases contained earnings figures and other corporate information.

The defendants then used roughly 800 of those news releases to make trades before the information came out, exploiting a time gap ranging from hours to three days, prosecutors said.

 

Exante denies allegations, says no illicit trading tolerated

Exante replied to the claims this evening by saying that, “The complaint completely misrepresents Exante, our business model, and the regulatory conditions we operate in. Exante has worked hard to build a strong brand respected by its peers that serves as a one-stop shop for all markets and instruments. The company was built for traders by traders and any illicit trading will not be tolerated.”

The company specified that it holds a license from the Malta Financial Services Authority and that it is a broker that provides DMA to most markets in the world.

“Contrary to claims in the complaint as well as in the media, Exante has never been and is not a hedge fund. Our business model is to execute trades for our clients.”

Exante said it has strong and effective internal and external market surveillance and monitoring.

The company explained that it is in “direct contact with multiple authorities, including the MFSA, to resolve this issue swiftly. We have no doubt in time we will be proven to have acted in an appropriate manner and await the factual results.

“Our employees will continue to work hard to ensure Exante clients continue to receive outstanding service whilst gaining peace of mind and security.”

 

New risks by sophisticated hackers

The case "illustrates the risks posed for our global markets by today's sophisticated hackers," SEC chief Mary Jo White said. "Today's international case is unprecedented in terms of the scope of the hacking at issue, the number of traders involved, the number of securities unlawfully traded and the amount of profits generated."

nine people indicted include two people described as Ukrainian computer hackers and six stock traders. Prosecutors said the defendants made $30 million from their part of the scheme.

Perhaps even more alarming was the assertion by prosecutors that much of the group's ability to illegally tap into the news services' computer systems came via "phishing," a well-known practice in which hackers send an email with a seemingly innocuous link that, if clicked on, can eventually lead to the divulging of the user's login and password information.

The case should sound a warning for anyone who uses email in a work setting, Paul Fishman, U.S. attorney for New Jersey, said Tuesday.

"Every employee of every company has to be vigilant about the emails they get from people who look like their friends or acquaintances, urging them to click on a link," Fishman said. "They should say to themselves every time that happens, 'That seems like a really bad idea.'"

A strong earnings report or other positive news can cause a company's stock to rise, while disappointing news can make it fall. The conspirators typically used the advance information to buy stock options, which are essentially a bet on the direction a stock will move, authorities said.

The hackers were routinely paid a cut of the profits, prosecutors contended.

Five defendants were arrested in the U.S. on Tuesday, and warrants were issued for four others in Ukraine.

Among those charged were Pavel, Igor and Arkadiy Dubovoy. Authorities said they are related but didn't say how. Arkadiy and Igor were arrested at their homes in Alpharetta, Georgia. Pavel was believed to be in Ukraine.

It wasn't immediately known whether the defendants had attorneys.

Business Wire said it has hired a cybersecurity firm to test its systems and make sure they are protected. PR Newswire said it is cooperating with the investigation, and added: "We take security very seriously and are dedicated to protecting our information and systems." Marketwire did not immediately respond to a request for comment.

The hacker group made more than $600,000 by trading the stock of Caterpillar Inc. in 2011 after getting an advance look at a news release that said the heavy-equipment maker's profits were up 27 percent, according to the indictment.

Similarly, the group made more than $1.4 million trading stock in Silicon Valley's Align Technology in 2013 ahead of a press release that said revenue had climbed more than 20 percent, the indictment said.

The most serious charges in the indictment, wire fraud and securities fraud, carry up to 20 years in prison.

The SEC lawsuit named a total of 17 individuals and 15 companies in the US and elsewhere in places such as, in addition to Malta, Russia, France, and Cyprus. The SEC is seeking unspecified fines and restitution against the 32 defendants.

 

 

  • don't miss