Connect with us

Hi, what are you looking for?



SEC Charges 18 Over Scheme Involving Hacked Brokerage Accounts

The US Securities and Exchange Commission this week announced charges against 18 individuals and entities for their roles in a pump-and-dump scheme that involved account hacking.

The US Securities and Exchange Commission this week announced charges against 18 individuals and entities for their roles in a pump-and-dump scheme that involved account hacking.

As part of the scheme, the participating individuals allegedly conspired with others to hack into tens of online retail brokerage accounts to manipulate the prices of specific stocks.

Specifically, the individuals purchased shares of the common stock of public microcap companies Lotus Bio-Technology Development Corp. (LBTD) and Good Gaming, Inc. (GMER), then used the hacked accounts to artificially increase the prices of these shares by making large purchases of the same stock.

According to the SEC, the defendants then proceeded to sell their shares at the inflated prices, “generating approximately $1.3 million in proceeds and creating substantial profits.”

In a complaint filed on Monday, SEC claims that more than 30 US retail brokerage accounts were hacked as part of the scheme.

The defendants, which are Canadian, US, and UK nationals, were organized in two overlapping groups, SEC says.

According to the Commission, Christophe Merani, Rahim Mohamed, Zoltan Nagy, Robert Seeley, Phillip Sewell, Christopher Smith, Richard Smith, Anna Tang, Richard Tang, Breanne Wong, and Davies Wong, along with entities they controlled, purchased large blocks of LBTD common stock constituting most of the outstanding shares, but concealed their interest in the company.

Advertisement. Scroll to continue reading.

SEC also claims that Jeffrey Cox, Glenn Laken, Rahim Mohamed, and Richard Tang, transferred shares of GMER common stock to an offshore brokerage account, to hide Laken’s indirect ownership of the stock.

Shell companies controlled by the defendants include Avatele Group LLC, Harmony Ridge Corp., H.E. Capital SA, Maximum Ventures Holdings LLC, and POP Holdings Ltd.

In August and September 2017, using hacked brokerage accounts, the defendants purchased large quantities of LBTD shares to inflate their price. The same was done for GMER stock in January 2018.

At virtually the same time as the hacks, the defendants sold blocks of the two respective microcap companies at the artificially inflated prices, SEC says. Mohamed allegedly coordinated the hacking attacks.

“Our complaint details a brazen and sophisticated scheme, with hackers using international accounts and dummy account holders to hide their tracks. As this case demonstrates, the Division can uncover misconduct even when it crosses borders and is concealed behind multiple layers of obfuscation,” SEC director Nekia Hackworth Jones said.

Related: Fugitive Arrested After 3 Years on Charges Related to BEC Scheme

Related: UK Charges Alleged Lapsus$ Gang Members With Hacking

Related: US Charges Russian Oligarch, Dismantles Cybercrime Operation

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...