SEC freezes assets of alleged stock pump-and-dump hacker

January 02, 2007 Sophos Press Release

Evgeny Gashichev is charged with manipulating stock prices by hacking into other people's online trading accounts
Evgeny Gashichev is charged with manipulating stock prices by hacking into other people's online trading accounts.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned online stock traders to take care over their brokerage accounts following allegations that a man manipulated stock prices by hacking into other peoples' accounts.

The Securities and Exchange Commission (SEC) has convinced a court to freeze the assets of Grand Logistic, a Belize corporation located in Talinn, Estonia, and its owner Russian-born Evgeny Gashichev. Gashichev is accused of making $353,609 by manipulating stock prices in at least 21 companies by breaking into online brokerage accounts.

According to the SEC, Grand Logistic and Gashichev unlawfully profited by manipulating the stock market through innocent people's trading accounts between 28 August and 13 October 2006.

"Many people will have encountered 'pump-and-dump' scams because of the large amount of spam email devoted to making illegal profits this way," said Graham Cluley, senior technology consultant for Sophos. "In this case it appears that the SEC is responding not to a spam attack, but to unauthorized entry to online accounts, whose funds are then used to purchase shares in small, thinly-traded companies. These kind of attacks combine the crimes of securities fraud, identity theft and computer hacking. The end result is the same as a spam pump-and-dump campaign - the share prices are illegally pumped up and the criminals make a small fortune."

"This case should act as a timely reminder that online traders must take care to properly secure their accounts, and make sure that their login details do not fall into the wrong hands," continued Cluley.

Sophos recommends that all computer users ensure that they are running an automatically updated anti-virus product, security patches and firewall software.