Putin’s Trader — How Russian Hackers Stole Millions from U.S. Investors | CNBC Documentary

The M13 Insider Trading Scheme

• On March 21st, 2021, Vladislav Klyushin, a Russian oligarch, was on his way to a ski vacation in Switzerland with his wife.
• Klyushin was a successful businessman with connections to the Russian government, working for the office of President Vladimir Putin.
• Klyushin was apprehended at the airport in ski gear, ready to board a helicopter for a skiing trip.
• After his arrest, Klyushin's wife sent a text message to Ivan Yermakov, his co-conspirator and a former GRU officer, confirming their involvement in the scheme.
• Klyushin was convicted of securities fraud, wire fraud, gaining unauthorized access to computers, and conspiracy to commit those crimes.
• He was sentenced to nine years in prison, ordered to forfeit over $34 million, and pay restitution.
• Yermakov, who had previously warned Klyushin about the risks of their actions, remains at large.
• Klyushin received the Russian Medal of Honor, signed by Vladimir Putin, and an award from the FSB, suggesting his connections to Russian intelligence.
• Klyushin and Ivan Yermakov, a former employee of M13, socialized together and formed a business partnership.
• Klyushin's desire for more wealth and success led him to create a hedge fund that used stolen information to profit from insider trading.
• Klyushin recruited investors from the Russian business community, promising them high returns on their investments.
• Klyushin's scheme generated significant profits, but his relentless pursuit of wealth and his increasingly reckless behavior began to worry his employees.
• Klyushin's lavish lifestyle: Klyushin, the leader of the hacking group M13, used his ill-gotten gains to live a luxurious lifestyle, purchasing four Porsche sports cars for himself, his associates, and investors.
• Insider trading scheme: M13 stole confidential corporate earnings reports before they were publicly released, allowing them to buy or sell stocks based on the information.
• Tesla earnings leak: M13 stole Tesla's draft earnings release, which showed a significant increase in revenue. They then bought Tesla shares before the information was made public, profiting from the subsequent stock surge.
• Skechers and Ulta Beauty: M13 also stole information about Skechers and Ulta Beauty, using it to make millions of dollars in trades. They bought Skechers stock after learning of positive news and shorted Ulta Beauty stock after learning of negative news.
• Financial gains: Klyushin and his investors made substantial profits from their insider trading activities, with some investors nearly tripling their investments. Klyushin even kept a safe filled with $3 million in cash.
• Threema chat: M13 used an encrypted messaging app called Threema to communicate, believing their conversations were secure. However, investigators obtained access to these chats, revealing explicit details of their illegal activities.
• Yermakov's warning: Yermakov, a veteran intelligence officer involved in the scheme, warned Klyushin about the risks of using Threema, fearing that their conversations could be intercepted.
• Investigators' discovery: The investigators were astonished to find the Threema chats, which provided irrefutable evidence of the group's crimes. The criminals' own words, admitting to their illegal activities, proved to be a crucial breakthrough in the case.
• The M-13 crew, a group of Russian hackers, attempted to profit from insider trading but lacked financial expertise, leading to poor trading decisions and more losses than gains.
• Despite their inexperience, they managed to make $93 million in less than three years, raising suspicions at Saxo Bank, the Danish online broker they used for trades.
• When questioned by Saxo Bank, Vladislav Klyushin, the leader of M-13, fabricated a story about an app called Preston that analyzed social media and the internet to forecast stock trends.
• Klyushin further lied about the source of their successful Tesla trades, claiming they were based on Elon Musk's tweet about taking Tesla private, which was not true.
• When Saxo Bank requested a copy of the Preston app, M-13 panicked as it did not exist, highlighting their deception.
• Meanwhile, the FBI, led by BJ Kang, was diligently investigating M-13's activities, gathering evidence and carefully planning their next steps to avoid alerting the suspects.
• The FBI recognized the potential for M-13's actions to destabilize American financial markets and felt the urgency to act swiftly.
• The investigation into the insider trading scheme shifted from gathering information to a manhunt when the identity of the perpetrators was discovered.
• Vladislav Klyushin, the mastermind behind the operation, was known to be in Russia, a country that wouldn't extradite him.
• Despite the knowledge of his location, the authorities had to wait for an opportunity to apprehend him.
• Klyushin's desire to travel and his connections within the Russian intelligence community, particularly the FSB's Department of Military Counterintelligence (DVKR), allowed him to plan trips outside Russia.
• In March 2021, the FBI discovered that Klyushin had chartered a private jet to Switzerland and coordinated with Swiss authorities to arrest him upon his arrival.

Russian Intelligence and Insider Trading

• A former Russian spy, who now lives in the United States under an assumed identity, revealed that Klyushin's case was just a small part of a larger Russian strategy.
• The former spy, who served in the FSB for 16 years, explained that the Russian government uses unconventional methods to respond to Western sanctions.
• He described a strategy where Vladimir Putin authorizes top intelligence officers to disrupt Western economies, with cyberattacks and insider trading being just one aspect of this "war."
• The former spy stated that many Russian intelligence officers steal Western financial information for personal profit, and this practice is common.
• He confirmed that Russian spies have been stealing financial information from American companies for years and profiting from it, with the information being shared with their bosses in Moscow or Kremlin-affiliated companies.
• The former spy emphasized that while cyberattacks are traceable, having a mole inside a company provides a more discreet and long-term advantage for Russian intelligence.
• The speaker, a former Russian spy, believes that there are moles inside American companies who provide information to Russian intelligence.
• He describes the process of recruiting foreign businessmen as a long and meticulous one, comparing it to a shark circling its prey.
• Cybersecurity expert Sandra Joyce highlights the ease with which the GRU, Russia's military intelligence agency, was able to hack into American companies for insider trading.
• She expresses concern about former GRU members using their skills to engage in cybercrime in the private sector, particularly in the form of ransomware and extortion.
• Joe Bonavolonta, former head of the FBI's Boston division, believes that the M13 insider trading gang is likely not the only one operating.
• The speaker questions whether Yermakov, the main suspect in the M13 case, is still engaged in insider trading, considering the significant risk he faces due to multiple federal indictments.
• The speaker speculates that Vladimir Putin may allow his intelligence services to engage in insider trading as a way to destabilize Western businesses and gain an advantage.
• He suggests that Putin may see this as a perk for his top operatives, allowing them to enrich themselves while serving the interests of the Russian state.
• The Russian hackers, Ivan Yermakov and Vladislav Klyushin, were essentially freelancers who were allowed to operate with little oversight and keep all the profits from their hacking activities.
• This arrangement benefits Putin by providing him with free hacking services to destabilize the West, while his trusted insiders, like Yermakov and Klyushin, become wealthy.
• A former Russian spy suggests that Yermakov and Klyushin may have been given a tip about targeting filing agents, implying that someone else, potentially a spy with knowledge of the business, guided them to this lucrative target.
• The United States government is still monitoring Yermakov, waiting to see if he travels to a ski resort, as the former spy claims this is a common meeting place for Russian intelligence operatives.
• The FBI is investigating a hidden world of Russian intelligence insider trading, which suggests a deeper network of individuals involved in these activities.