Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

SEC Charges 18 Over Scheme Involving Hacked Brokerage Accounts

The US Securities and Exchange Commission this week announced charges against 18 individuals and entities for their roles in a pump-and-dump scheme that involved account hacking.

The US Securities and Exchange Commission this week announced charges against 18 individuals and entities for their roles in a pump-and-dump scheme that involved account hacking.

As part of the scheme, the participating individuals allegedly conspired with others to hack into tens of online retail brokerage accounts to manipulate the prices of specific stocks.

Specifically, the individuals purchased shares of the common stock of public microcap companies Lotus Bio-Technology Development Corp. (LBTD) and Good Gaming, Inc. (GMER), then used the hacked accounts to artificially increase the prices of these shares by making large purchases of the same stock.

According to the SEC, the defendants then proceeded to sell their shares at the inflated prices, “generating approximately $1.3 million in proceeds and creating substantial profits.”

In a complaint filed on Monday, SEC claims that more than 30 US retail brokerage accounts were hacked as part of the scheme.

The defendants, which are Canadian, US, and UK nationals, were organized in two overlapping groups, SEC says.

According to the Commission, Christophe Merani, Rahim Mohamed, Zoltan Nagy, Robert Seeley, Phillip Sewell, Christopher Smith, Richard Smith, Anna Tang, Richard Tang, Breanne Wong, and Davies Wong, along with entities they controlled, purchased large blocks of LBTD common stock constituting most of the outstanding shares, but concealed their interest in the company.

SEC also claims that Jeffrey Cox, Glenn Laken, Rahim Mohamed, and Richard Tang, transferred shares of GMER common stock to an offshore brokerage account, to hide Laken’s indirect ownership of the stock.

Advertisement. Scroll to continue reading.

Shell companies controlled by the defendants include Avatele Group LLC, Harmony Ridge Corp., H.E. Capital SA, Maximum Ventures Holdings LLC, and POP Holdings Ltd.

In August and September 2017, using hacked brokerage accounts, the defendants purchased large quantities of LBTD shares to inflate their price. The same was done for GMER stock in January 2018.

At virtually the same time as the hacks, the defendants sold blocks of the two respective microcap companies at the artificially inflated prices, SEC says. Mohamed allegedly coordinated the hacking attacks.

“Our complaint details a brazen and sophisticated scheme, with hackers using international accounts and dummy account holders to hide their tracks. As this case demonstrates, the Division can uncover misconduct even when it crosses borders and is concealed behind multiple layers of obfuscation,” SEC director Nekia Hackworth Jones said.

Related: Fugitive Arrested After 3 Years on Charges Related to BEC Scheme

Related: UK Charges Alleged Lapsus$ Gang Members With Hacking

Related: US Charges Russian Oligarch, Dismantles Cybercrime Operation

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.