SEC brings charges in EDGAR hacking case. (Graphic Courtesy of the SEC)

Federal prosecutors have filed criminal charges against two Ukrainian men accused of hacking into the U.S. Securities and Exchange Commission's computer system to spread nonpublic information to a network of traders who illegally profited from it.

Federal prosecutors in New Jersey on Tuesday unsealed a 16-count federal indictment charging Artem Radchenko, 27, and Oleksandr Ieremenko, 26, both from Kiev, Ukraine, with securities fraud conspiracy, wire fraud conspiracy, computer fraud conspiracy, wire fraud, and computer fraud.

“The defendants charged in the indictment announced today engaged in a sophisticated hacking and insider trading scheme to cheat the securities markets and the investing public,” said New Jersey U.S. Attorney Craig Carpenito in a press release announcing the criminal charges. “They targeted the Securities and Exchange Commission with a series of sophisticated and relentless cyber-attacks, stealing thousands of confidential EDGAR filings from the Commission’s servers and then trading on the inside information in those filings before it was known to the market, all at the expense of the average investor.”

The indictment claims that Ieremenko participated in a previously disclosed scheme to hack into the agency’s electronic filing system and to get nonpublic information to trade on. Ieremenko was charged in 2015 with allegedly hacking newswire services to gain nonpublic information as part of a scheme that the SEC claims yielded more than $100 million in profits.

According to Tuesday's criminal indictment, Ieremenko "employed some of the same techniques and methods that he had used in the Newswire Hacking Scheme" when hacking into the SEC's Electronic Data Gathering, Analysis and Retrieval system, or EDGAR. According to the indictment, the hacked EDGAR servers are housed in New Jersey.

Prosecutors claim that the defendants sent emails to SEC employees that were designed to appear as if they were coming from other employees at the agency. The indictment claims that those phishing emails were used to install malware on certain SEC computers which the defendants then used to get access to filings from publicly traded companies that had not yet been made public.

In a related civil enforcement action filed Tuesday in the District of New Jersey, lawyers at the SEC claim that Ieremenko worked alongside six individual traders in California, Ukraine, and Russia and two entities to make trades before more than 150 earnings releases from May to October 2016. The SEC claims those trades generated at least $4.1 million in illegal profits.

Beyond Radchenko and Ieremenko, the SEC's civil complaint in the case names six additional individuals and two entities that the agency claims traded on information gleaned from the hacking scheme. The individual defendants include Sungjin Cho and David Kwon in Los Angeles; Igor Sabodakha, Victoria Vorochek, and Ivan Olefir in Ukraine, and Andrey Sarafanov in Russia. The entities charged include Capyield Systems Ltd., allegedly owned by Olefir, and Spirit Trade Ltd.

Information about defense counsel in both the criminal and civil cases wasn't immediately available.

In a statement released Tuesday, SEC Chairman Jay Clayton said that the agency must remain vigilant to maintain the integrity of the market.

"No system can be entirely safe from a cyber intrusion," Clayton said. "Here at the SEC, we recognize that we must continuously use the resources available to us efficiently and effectively to bolster our cybersecurity defenses and reduce our cyber risk profile."

Read the indictment:

Read the SEC complaint: