SEC Charges 18 in Scheme Tied to Hacked Brokerage Accounts

What You Need to Know

Dozens of online retail brokerage accounts were allegedly hacked and improperly used to buy microcap stocks to manipulate the prices and trading volume of those stocks.
Hackers accessed at least 31 U.S. retail brokerage accounts and used them to buy shares of the common stock of two public microcap companies”: Lotus Bio-Technology Development and Good Gaming.
After obtaining the shares, certain defendants then conspired with others to subject retail brokerage accounts to online account takeover attacks,”

The Securities and Exchange Commission on Monday charged 18 individuals and entities for their roles in a stock manipulation scheme in which dozens of online retail brokerage accounts were allegedly hacked and improperly used to buy microcap stocks to manipulate the prices and trading volume of those stocks.

In a complaint filed in U.S. District Court for the Northern District of Georgia in Atlanta, the SEC claimed that, in late 2017 and early 2018, hackers accessed at least 31 U.S. retail brokerage accounts and used them to buy shares of the common stock of two public microcap companies”: Lotus Bio-Technology Development and Good Gaming.

After obtaining those shares, certain defendants then “conspired with other unknown parties to subject various retail brokerage accounts, held by innocent third-party investors, to online account takeover attacks,” according to the complaint.

The SEC didn’t identify the names of firms where the brokerage accounts were held.

The hacked accounts were then forced to make large acquisitions of LBTD and GMER common stock, artificially inflating the trading prices and volume of the stocks, the SEC claimed.

The defendants then sold the shares they acquired at those inflated prices, generating about $1.3 million in proceeds and “creating substantial profits” for them, according to the complaint.

“This case illustrates the critical importance of cybersecurity and of our ongoing efforts to protect retail investors from cyber fraud,” according to Gurbir S. Grewal, director of the SEC’s Division of Enforcement.

“The SEC remains committed to rooting out this type of wrongdoing. Investors should also take precautions, including choosing strong passwords, using different passwords for different accounts, and using two-factor authentication when available,” he said in a statement.

Stock-Scheme Details

Throughout the scheme, certain defendants “repeatedly took steps to conceal their beneficial ownership” of LBTD and/or GMER shares by, among other things, failing to file with the SEC certain beneficial ownership reports required by law, it alleged.

Those charged included Rahim Mohamed of Alberta, Canada, who the SEC said coordinated the hacking attacks, and several others inside and outside the U.S., who allegedly benefited from or participated in the scheme, according to the complaint.

Davies Wong of British Columbia, Canada, and Glenn B. Laken of Illinois, respectively, controlled most of the LBTD and GMER stock that was sold while the hacking attacks were carried out, and Mohamed coordinated with Wong, Laken and others to orchestrate the attacks.

The complaint also alleged that Richard Tang of British Columbia, Canada, was involved with both the LBTD and GMER schemes.

The SEC’s complaint charged the defendants with violations of the antifraud and beneficial ownership reporting provisions of the Securities Act of 1933 and the Securities Exchange Act of 1934 and named two relief defendants who received proceeds from the hacks.

The SEC is seeking the return of ill-gotten gains plus interest, penalties, bars and other equitable relief. Its investigation, it added, is continuing.