Ex-CME programmer admits to stealing source code
Posted on 21 September 2012.
A former senior software engineer for Chicago-based CME Group pleaded guilty to theft of trade secrets for stealing computer source code and other proprietary information while at the same time pursuing plans to improve an electronic trading exchange in China.

Chunlai Yang admitted that he downloaded more than 10,000 files containing CME computer source code that made up a substantial part of the operating systems for the Globex electronic trading platform.

The government maintains that the potential loss was between $50 million and $100 million, while Yang maintains that the potential loss was less than $55.7 million.

Yang, 49, of Libertyville, who worked for CME Group for 11 years, pleaded guilty to two counts of theft of trade secrets. He faces a maximum penalty of 10 years in prison and a $250,000 fine on each count. Sentencing is scheduled for February 20, 2013.

Yang also agreed to forfeit computers and related equipment that were seized from him when he was arrested.

According to the plea agreement, Yang began working for CME Group in 2000 and was a senior software engineer at the time of his arrest. His responsibilities included writing computer code and, because of his position, he had access to the software programs that supported the Globex electronic trading platform, which allowed market participants to buy and sell CME Group products from any place at any time.

The source code and algorithms that made up the supporting programs were proprietary and confidential business property of CME Group, which instituted internal measures to safeguard and protect its trade secrets.

Between late 2010, and June 30, 2011, Yang downloaded more than 10,000 computer files containing CME computer source code from CME’s secure internal computer system to his CME- issued work computer. He then transferred many of these files from his work computer to his personal USB flash drives, and then transferred many of these files from his flash drives to his personal computers and hard drives at his home.

Yang also admitted that he downloaded thousands of others CME files. Court documents disclosed that he printed numerous CME internal manuals and guidelines describing how many of the computer files that comprise Globex operate and how these computer files interact with each other.

Yang also admitted that he and two unnamed business partners developed plans to form a business referred to as the Tongmei (Gateway to America) Futures Exchange Software Technology Company (Gateway), whose purpose was to increase the trading volume at the Zhangjiagang, China, chemical electronic trading exchange (the Zhangjiagang Exchange.)

Yang engaged in contract negotiations on behalf of Gateway with the Zhangjiagang Free Trade Board for Gateway to improve the trading platform for the Zhangjiagang Exchange.

The Zhangjiagang Exchange was to become a transfer station to China for advanced technologies companies around the world. Yang expected that Gateway would provide the exchange with technology through written source code to allow for high trading volume, high trading speeds, and multiple trading functions.

To help the China exchange attract more customers and generate higher profits, Gateway proposed to expand the Zhangjiagang Exchange’s software by providing customers with more ways of placing orders; connecting the exchange database’s storage systems and matching systems; rewriting the trading system software in the JAVA computer programming language; raising the system’s capacity and speed by modifying communication lines and structures; and developing trading software based on the FIX computer coding language.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //