The U.S. Securities and Exchange Commission has filed civil charges against three Indian nationals indicted in the hacking of online brokerage accounts to manipulate the prices of at least 14 securities.
The civil charges were filed against Jaisankar Marimuthu, Chockalingam Ramanathan and Thirugnanam Ramanathan and seek civil penalties, the yielding of all illegal proceeds from the scheme, as well as preliminary and permanent injunction relief.
The trio face a 23-count indictment unsealed March 12 in federal court in Nebraska featuring charges of conspiracy, computer fraud aggravated identity theft and other charges.
The indictment is the result of an investigation by the Federal Bureau of Investigation, the U.S. Attorneys Office for the District of Nebraska, and the Computer Crimes and Intellectual Property and Fraud Sections of the Criminal Division of the United States Department of Justice.
“Hackers who prey on American investors—no matter what continent theyre operating from—are meeting their match with powerful adversaries in the Department of Justice and the Securities and Exchange Commission. We will go anywhere on Earth to stop these thieves and hold them accountable,” said SEC Chairman Christopher Cox, in a statement.
According to the commissions complaint, the trio allegedly repeatedly hijacked the online brokerage accounts of unwitting investors using stolen user names and passwords between July and November 2006.
Before hacking the accounts, the defendants acquired positions in the securities of at least 14 securities, authorities said.
The three then used the victims own accounts and funds to make unauthorized buy orders at above-market prices and then sold positions held in their own accounts at the artificially inflated prices, authorities alleged.
“It is particularly troubling that, aside from profiting from their scheme, the defendants caused over $875,000 in damage to the brokerage firms whose customers accounts were compromised,” said Linda Thomsen, director of the SECs Division of Enforcement.
The three are also accused of opening new online brokerage accounts using stolen personal information, and then funded these accounts using hundreds of thousands of dollars taken from the account holders actual bank accounts.
It is unclear at this point just how the three allegedly got their hands on the stolen personal information.
John Reed Stark, chief of the SECs Office of Internet Enforcement, said in an interview with eWEEK that the suspects have not been interviewed yet by investigators involved in the case. He speculated the trio could have used keylogging programs or purchased the information from people selling stolen data.
Authorities said Marimuthu was picked up by police in Hong Kong on Dec. 20, 2006, on similar charges of computer fraud, money laundering and possession of equipment to make a false instrument.
Thirugnanam Ramanathan was arrested by authorities in Hong Kong on Jan.26, 2007, pursuant to a U.S. provisional arrest warrant.
Chockalingam Ramanathan is at large. The government will seek the extradition of the arrested defendants to face charges in Nebraska, authorities said.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.