Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyber Ring Stole Secrets For Gaming US Stock Market

Posted by samzenpus on from the protect-ya-neck dept.

chicksdaddy writes Reuters has the scoop this morning on a new report out from the folks at FireEye about a cyber espionage ring that targets financial services firms. The campaign, dubbed FIN4 by FireEye, stole corporate secrets for the purpose of gaming the stock market. FireEye believes that the extensive cyber operation compromised sensitive data about dozens of publicly held companies. According to the report, the victims include financial services firms and those in related sectors, including investment bankers, attorneys and investor relations firms. Rather than attempting to break into networks overtly, the attackers targeted employees within each organization. Phishing e-mail messages led victims to bogus web sites controlled by the hackers, who harvested login credentials to e-mail and social media accounts. Those accounts were then used to expand the hackers' reach within the target organization: sending phishing email messages to other employees.

2 of 37 comments (clear)

  1. Re:crooks done by crooks by Anonymous Coward · · Score: 2, Insightful

    People possessing the privileged information that was stolen are not allowed to use it for their own benefit when making stock trades. They are not directly hurt. Use of the unfair advantage that stolen privileged information provides facilitates a wealth transfer from everyone participating in the stock market to those committing the crime. The common folk are hurt in a very diffuse sort of way. Anyone with any sense ought to know that the common folk are always at a disadvantage when investing in the stock market. The bigger issue is that this sort of thing undermines trust in the system itself. If everyone refuses to put their 401K money into the stock market because they believe the game is hopelessly rigged against them then that can become a real problem. Personally I'd rather small investors could just keep their money in interest bearing savings accounts that provide a fair return and only large investors who take significant stakes in companies and are active in exercising their shareholder rights own stocks. Institutional investors abdicate their responsibilities and leave a publicly owned firm without effective oversight by its owners, leaving no one but government and the likes of the SEC to protect the interests of the public.

  2. Lawsuits by Etherwalk · · Score: 3, Insightful

    What were the names of these companies and how exactly did hacking email accounts lead to a compromise of the Operating System?

    Announcing their names would cost the companies billions of dollars and get the victims of the fraud fired and possibly make them unhireable.

    And Reuters would get sued by all of them.

    It would probably win, but it would still be expensive.

    In addition there is almost certainly an ongoing investigation.