US SEC busts suspected stock exchange hacking scheme

By

Claims UK man hijacked investor accounts.

The US Securities and Exchange Commission has sued a UK man it claims hacked into online brokerage accounts of several US investors, placed unauthorised stock trades, and within minutes made profitable trades in the same stocks in his own account.

US SEC busts suspected stock exchange hacking scheme

A federal judge issued an emergency order freezing assets belonging to the defendant, Idris Dayo Mustapha, the SEC said on Wednesday, shortly after filing its civil lawsuit with the US District Court in Manhattan.

It was unclear whether Mustapha had a lawyer. He could not immediately be reached for comment.

According to court papers, Mustapha manipulated the hijacked accounts to buy more than US$5 million (A$6.7 million) worth of mostly little-known stocks in April and May, and coordinated his trading to sell the stocks at about the same time.

The SEC said Mustapha, 30, generated at least US$68,000 in profit from the trades, which cost his unwitting victims about US$289,000.

It said five victims held accounts with a broker in New Jersey, while four had accounts at foreign brokerage firms.

Mustapha was charged with securities fraud and SEC is seeking to recoup ill-gotten gains and impose civil fines.

"We will swiftly track down hackers who prey on investors as we allege Mustapha did, no matter where they are operating from and no matter how sophisticated their technology," Robert Cohen, co-chief of the SEC enforcement division's market abuse unit, said in a statement.

The suit follows a US$30 million settlement secured by the SEC last year, after it accused two Ukranian men of hacking into the networks of prominent business news wire services to access market press releases before they were announced.

The SEC claims the press release scheme netted US$100 million in five years.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

"Widespread data theft" hits Salesforce customers via third party

"Widespread data theft" hits Salesforce customers via third party

Home Affairs adds SecOps to new cyber risk overhaul

Home Affairs adds SecOps to new cyber risk overhaul

Exetel fined $694k over system 'vulnerability' for mobile number porting

Exetel fined $694k over system 'vulnerability' for mobile number porting

Attackers weaponise Linux file names as malware vectors

Attackers weaponise Linux file names as malware vectors

Log In

  |  Forgot your password?