Authorities unsealed three indictments against Aleksandr Kalinin, known by the hacker handles “Grig” and “Tempo.”
In one indictment, Mr. Kalinin is charged with illegally accessing the computer servers of New York-based Nasdaq OMX Group Inc., which runs the tech-heavy stock exchange, and installing malicious software.
This malware “enabled him and others to surreptitiously access the infected Nasdaq servers and execute commands on those servers, including commands to delete, change or steal data,” said a statement from the U.S. Attorney's Office for the Southern District of New York.
“The infected servers did not include the trading platform that allows NASDAQ customers to buy and sell securities,” the statement adds.
The breach was first reported publicly in 2011 by The Wall Street Journal, and caused concern because it highlighted the vulnerability of U.S. financial infrastructure to hackers — including potential terrorists or others bent on destruction.
A second indictment accuses Mr. Kalinin and Nikolay Nasenkov, 31, of stealing more than $7 million by hacking Citibank and other banks, and cloning ATM cards with the stolen data.
“The ATM cards were then used, along with the stolen account PINs, to access individual victims’ accounts through ATMs located around the world, including in the United States, Estonia, Canada, Great Britain, Russia, and Turkey,” the statement says.
Both men remain at large, prosecutors said.
The third indictment was unsealed in New Jersey, and no details were immediately available.