New-style pump-and-dump hacker sentenced

September 09, 2008 Sophos Press Release

IT security and control firm Sophos has welcomed news that US authorities have sentenced an Indian man to two years in jail for his part in an international fraud ring.

According to reports, 35-year-old Thirugnanam Ramanathan, a native of India and legal resident of Malaysia, and his accomplices, hacked into the internet accounts of American brokers, sold the victims' holdings and bought shares in lightly-traded stocks pumping up their price. The gang had previously purchased the same stocks from their own brokerage accounts, and after they had manipulated the stock price sufficiently, they swiftly dumped their own holdings for a profit.

"This gang didn't use the old trick of pumping up the price of a dormant stock with spam messages, encouraging people to buy shares in a stock whose price was going to be manipulated. Instead they cut out the middle man - doing the purchasing of the stock through their victims' own compromised accounts," said Graham Cluley, senior technology consultant at Sophos. "A heist like this was nothing less than audacious - and, if successful, could have netted the criminals a fortune."

The investigation also revealed that the hackers had used internet service providers located in Bangkok, Thailand and Chennai, India to break into the accounts. Sophos experts note that cases like this demonstrate the international nature of cybercrime today - where the criminals can be based on the other side of the world, far away from their victims.

Two other defendants, Jaisankar Marimuthu and Chockalingam Ramanathan (a resident of Chennai), have also been indicted. Marimuthu is currently detained in a Hong Kong prison awaiting extradition following his conviction on similar offences related to the Hong Kong stock market. Chockalingam Ramanathan remains at large.

Sophos recommends that all computer users, be they a large firm or an individual investor, take responsibility for properly securing their computer systems to prevent hackers like this making a quick profit.