The Securities and Exchange Commission charged 18 individuals and businesses for hacking into more than 30 retail brokerage accounts to buy microcap stocks, pumping up the price and profiting from subsequent sales.
The group's actions led to significant purchases of stock in Lotus Bio-Technology Development Corp. and Good Gaming Corp., with the defendants getting $1 million as a result of the scheme. The SEC complaint was filed in federal court in Atlanta.
“Our complaint details a brazen and sophisticated scheme, with hackers using international accounts and dummy account holders to hide their tracks,” SEC Atlanta Regional Office Director Nekia Hackworth Jones said in a statement. “As this case demonstrates, the (Enforcement) Division can uncover misconduct even when it crosses borders and is concealed behind multiple layers of obfuscation.”
In 2011, co-defendant Zoltan Nagy founded Lotus Bio-Technology Development (LBTD). Over time, Nagy and others began buying and transferring substantial shares of LBTD stock to entities owned by British Columbia–based co-defendants Richard and Anna Tang, before laundering those shares to Davies Wong, who eventually secretly controlled LBTD due to the amount of stock held (they allegedly did this without filling mandated SEC reports).
Other co-defendants helped transfer substantial shares of Good Gaming common stock to an offshore brokerage account controlled by Glenn Laken, an Illinois-based co-defendant.
By Aug. 1, 2017, the Wongs, the Tangs, and Nagy’s associates controlled most of LBTD’s outstanding shares, according to the complaint. On Aug. 16, “unidentified persons” hacked at least one retail brokerage account at an unnamed U.S. broker/dealer, forcing the account to buy significant quantities of LBTD stock, thereby boosting the stock price and trading volume.
Simultaneously, the Wongs sold much of their LBTD shares, becoming the principal sellers during the day of the hack. On Sept. 19, the hackers grew more ambitious, hacking at least 24 retail accounts at four unnamed U.S. firms to buy millions of shares in LBTD, according to the commission. Again, the Wongs were the primary sellers, obtaining more than $1 million, according to the complaint.
The Good Gaming hack took place on Jan. 22, 2018, according to the complaint, with hackers piercing six retail accounts at two unnamed brokerage firms in order to purchase nearly 1 million shares. According to the commission, Rahim Mohamed, an Alberta, Canada–based individual, coordinated the hacking attacks, as he relayed trading instructions directly to a co-defendant via WhatsApp, who then used the app to tell their trading firm to make the sales.
In the complaint, the SEC sought the return of ill-gotten gains and interest, as well as various penalties, bars and additional relief levied against the defendants. SEC Enforcement Division Director Gurbir S. Grewal said the charges should serve as a reminder to investors that they should take precautions in protecting brokerage accounts, “including choosing strong passwords, using different passwords for different accounts, and using two-factor authentication when available."