A Google security engineer was charged with insider trading after winning $1.2 million using confidential company data to place bets on the cryptocurrency-based Polymarket decentralized prediction market.
36-year-old Michele Spagnuolo, an Italian citizen residing in Switzerland and a Google employee since 2014, appeared on Wednesday in the Southern District of New York.
In parallel, the Commodity Futures Trading Commission (CFTC) filed a separate civil complaint the same day, seeking restitution, disgorgement, civil monetary penalties, and trading and registration bans.
According to the criminal complaint, throughout this scheme, Spagnuolo used his access to an internal software tool containing confidential “Year in Search” data (Google’s annual ranking of top trending search terms), which was marked with a “Google Confidential” banner in red text.
Beginning in October 2025, Spagnuolo allegedly used a Polymarket account under the alias “AlphaRaccoon” to bet on whether specific individuals would appear on Google’s top trending search lists. He also allegedly used confidential data from Google’s internal data tool and placed bets with near-perfect accuracy across approximately 25 unlikely outcomes, while risking roughly $2.75 million in total.
After Google publicly announced its Year in Search results on December 4, 2025, Spagnuolo’s AlphaRaccoon Polymarket account collected approximately $1.2 million in USDC.e winnings.
“From on or about December 4, 2025 through on or about December 10, 2025, when the Polymarket markets regarding Google’s Year in Search resolved, the software released approximately 3,914,362 million USDC.e to the AlphaRaccoon Polymarket account. On or about December 10, 2025, the AlphaRaccoon Polymarket account sent approximately 5.045 million USDC.e, to Wallet-0xAf6,” the complaint reads.
The FBI traced the AlphaRaccoon account to a payment processor account registered in Spagnuolo’s name and linked to an Italian government identification card. After online communities on Discord and X began speculating that AlphaRaccoon was a Google insider, the username was removed from the account, reverting it to an alphanumeric wallet address.
Prosecutors said that Spagnuolo subsequently moved the illegal proceeds through multiple cryptocurrency-swapping services, including one that removes wallet addresses from the blockchain.
“Today’s charges reinforce a decades-old message: corporate insiders cannot use confidential business information to turn a profit in our markets,” said U.S. Attorney Jay Clayton. “As alleged, Spagnuolo violated the duties he owed to his employer and used Google’s confidential business information to make more than $1.2 million in trading profits on Polymarket.”
“Employees who are entrusted with confidential business information cannot misappropriate that information for personal financial gain,” added CFTC Director of Enforcement David I. Miller.
Spagnuolo now faces a maximum of 10 years in prison on a commodities fraud count and 20 years each on wire fraud and money laundering counts.
Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.
This guide covers the 6 surfaces you actually need to validate.
