US SEC busts suspected stock exchange hacking scheme

The US Securities and Exchange Commission has sued a UK man it claims hacked into online brokerage accounts of several US investors, placed unauthorised stock trades, and within minutes made profitable trades in the same stocks in his own account.

A federal judge issued an emergency order freezing assets belonging to the defendant, Idris Dayo Mustapha, the SEC said on Wednesday, shortly after filing its civil lawsuit with the US District Court in Manhattan.

It was unclear whether Mustapha had a lawyer. He could not immediately be reached for comment.

According to court papers, Mustapha manipulated the hijacked accounts to buy more than US$5 million (A$6.7 million) worth of mostly little-known stocks in April and May, and coordinated his trading to sell the stocks at about the same time.

The SEC said Mustapha, 30, generated at least US$68,000 in profit from the trades, which cost his unwitting victims about US$289,000.

It said five victims held accounts with a broker in New Jersey, while four had accounts at foreign brokerage firms.

Mustapha was charged with securities fraud and SEC is seeking to recoup ill-gotten gains and impose civil fines.

"We will swiftly track down hackers who prey on investors as we allege Mustapha did, no matter where they are operating from and no matter how sophisticated their technology," Robert Cohen, co-chief of the SEC enforcement division's market abuse unit, said in a statement.

The suit follows a US$30 million settlement secured by the SEC last year, after it accused two Ukranian men of hacking into the networks of prominent business news wire services to access market press releases before they were announced.

The SEC claims the press release scheme netted US$100 million in five years.