HFT Shenanigans: PFE, NQ/QQQ, And CME Group Hacking

Every week Floating Path looks to highlight some of the crazier examples of HFT running amok in the markets. We typically do so with the help of Nanex which monitors, analyzes, and visualizes high frequency trading market data.


On Friday afternoon, the stock of Pfizer dropped about 1% in a second. The flash crash type move, albeit shallow, included all exchanges and the price quickly regained all losses.

HFT Shenanigans PFE 600x400 HFT Shenanigans: PFE, NQ/QQQ, And CME Group Hacking


This past week Nanex published a slew of charts from Friday, November 8th showing very peculiar activity in Nasdaq futures and the corresponding ETF a few seconds before the release of the Employment Situation.

It appears that an HFT algorithm was able to spoof the price higher for the futures contract, while simultaneously shorting the QQQ and keeping a ceiling on the price. If this is in fact the case, this strategy would be able to reap large, risk-less profits, just the kind high frequency trading is so partial to.

Big spike in futures contract…

HFT Shenanigans NQ QQQ 600x400 HFT Shenanigans: PFE, NQ/QQQ, And CME Group Hacking

Zooming in to about 2 seconds of time in futures…

HFT Shenanigans NQ QQQ 2 600x400 HFT Shenanigans: PFE, NQ/QQQ, And CME Group Hacking

The same 2 seconds as above, but showing price in QQQ…

HFT Shenanigans NQ QQQ 3 600x400 HFT Shenanigans: PFE, NQ/QQQ, And CME Group Hacking

Again the same 2 seconds, but showing quotes in QQQ. Notice the large amount of offers at a $81.73. It would appear that is the level the HFT algo was shorting against.

HFT Shenanigans NQ QQQ 4 600x400 HFT Shenanigans: PFE, NQ/QQQ, And CME Group Hacking

CME Group Hacking

On Friday the CME Group officially announced that their systems were breached by a cyber intruder in July. The extreme delay in making the announcement raised plenty of eyebrows among traders. The exchange admitted in their statement that customer information was compromised.

This announcement comes in the same week London officials conducted a widespread war game simulating a cyber terror attack. As the global financial system becomes highly automated and intertwined, financial cyber terrorism has become a real threat to the stability of markets and the broader workings of banks and financial institutions.

In a communication to certain customers today, CME Group confirmed it was the victim of a cyber intrusion in July, making it one of the many organizations subject to this type of crime in recent months.

To date, there is no evidence that trades on CME Globex were adversely impacted, or that the provision of clearing services by CME Clearing or CME Clearing Europe, or trading in CME markets, were disrupted.

CME Group takes these events very seriously and places a high priority on protecting its customers’ information and ensuring the integrity of its markets. Though CME Group maintains sophisticated systems, teams and processes to prevent such incidents, and promptly took significant actions to address the incident, CME Group has learned that certain customer information relating to the CME ClearPort platform was compromised. To protect participants, CME Group forced a change to customer credentials impacted by the incident, and is corresponding directly with the impacted customers.

The incident is the subject of an ongoing federal criminal investigation and CME Group is cooperating with law enforcement in its investigation into this matter.

This article originally appeared on Floating Path.