Search This Blog

Showing posts with label Cyber Crime Report. Show all posts

Sberbank employee confesses he is the culprit behind the customer data leakage


Recall that on Thursday, Sberbank reported a possible leak of credit card accounts, which affects at least 200 customers of the Bank. According to media reports, at the weekend on one of the forums, which was blocked by Roskomnadzor (Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications), there were messages about the sale of personal data of Bank customers. The authors of the announcement indicated that they have access to data of 60 million cards.

Sberbank assured that the funds of its customers are safe because credit card accounts that do not have CVV codes, as well as logins and passwords from the Internet Bank were in the public domain. So, fraudsters can not steal money from the cards.

According to German Gref, President of Sberbank, Sberbank employees learned about the incident on the day of the leak, October 2: an ad was found with personal data of employees. After that, the employee of security service of Sberbank contacted an attacker trying to sell the stolen data.

During the conversation, it became clear that we are talking about an internal leak, Gref said.

According to a statement on the Bank’s website, "as a result of the internal investigation, the security service of the Bank in cooperation with law enforcement agencies, on October 4, 2019, identified an employee of the Bank born in 1991, the head of the sector in one of the business units of the Bank, who had access to databases and who tried to steal customer information for selfish purposes," the message on the Bank's website reads. The culprit of the leak faces criminal liability.

The leak indirectly affected the data of 200 cardholders of Sberbank, which have already been reissued, so " the owners have nothing to worry about," Gref said. He noted that the reissue took only two days.

Gref also apologized to customers and thanked them, noting their calmness.

Hacker ordered to pay back £922k

A hacker who carried out cyber attacks on more than 100 companies has been ordered to pay back £922,978.14 of cryptocurrency.

Grant West had been jailed for fraud after carrying out attacks on brands such as Sainsbury's, Uber and Argos.

A police investigation, codename "Operation Draba", uncovered West's activity on the dark web under the moniker of "Courvoisier".

The confiscation order was made during a hearing at Southwark Crown Court.

West, from Sheerness, Kent, used phishing email scams to obtain the financial data of tens of thousands of customers.

He would then sell this personal data in different market places on the dark web, convert the profit made from selling financial details online into cryptocurrency, and store these in multiple accounts.

West, of Ashcroft Caravan Park, was jailed in May at Southwark Crown Court for 10 years and eight months.

Detectives had discovered evidence of West conducting cyber attacks on the websites of 17 major firms.

Following West's arrest, approximately £1m in cryptocurrency was seized from a number of his accounts. Taking currency fluctuations into account the currency is today valued at £922, 978.14.

The cryptocurrency will now be sold and the victims will receive compensation.

As well as financial data, he also sold cannabis which he shipped to customers, and "how to" guides instructing others how to carry out cyber attacks.

West also regularly used stolen credit card details to pay for items for himself, including holidays, food, shopping and household goods. West admitted conspiracy to defraud, possession of criminal property, unauthorised modification of computer material and various drugs offences.

China hacked TCS, 7 other major firms: Report

‘Operation Cloud Hopper’ — a global cyber espionage campaign — first made headlines when Chinese hackers reportedly broke past IBM and Hewlett Packard Enterprise. Now, it seems that they weren’t the only ones attacked.

Hackers working for China’s Ministry of State security broke into networks of eight of the world’s biggest technology service providers in an effort to steal commercial secrets from their clients, according to sources familiar with the attacks.

Technology service providers such as Hewlett Packard Enterprise (HPE), IBM, Fujitsu, Tata Consultancy Services (TCS), NTT Data, Dimension Data, Computer Sciences Corporation (CSC) and DXC Technology, HPE’s spun-off services arm, were the target of Cloud Hopper attributed to the Chinese government by the United States and its Western allies.

It isn’t just TCS that was hacked. The service provider was used as a jumping off point to gain access to their client’s networks.

Meanwhile, China is denying all involvement in the attacks and companies are claiming that no sensitive information was compromised, but the Reuters report shows otherwise.

A U.S. indictment in December outlined an elaborate operation to steal Western intellectual property in order to advance China’s economic interests but stopped short of naming victim companies.

Reuters has identified more than a dozen victims who were clients of the service providers. That list includes Swedish telecoms giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries and travel reservation system Sabre.

HPE said it worked “diligently for our customers to mitigate the attack and protect their information.” DXC said it had “robust security measures in place” to protect itself and clients, neither of which have “experienced a material impact” due to Cloud Hopper.

NTT Data, Dimension Data, Tata Consultancy Services, Fujitsu and IBM declined to comment. IBM has previously said it has no evidence sensitive corporate data was compromised by the attacks.

Sabre said it had disclosed a cybersecurity incident in 2015 and an investigation concluded no traveler data was accessed. A Huntington Ingalls spokeswoman said the company is “confident that there was no breach of any HII data,” via HPE or DXC.

Two hackers who stole more than 15,000$ were detained in Ukraine


The press service of the Department of Cyber Police of the National Police of Ukraine reported that Ukrainian hackers transferred from the account of the entrepreneur more than 400 000 UAH using a bug in the online currency exchange service.

According to the police, they received a message from a 30-year-old resident of the Kyiv region that he got suspicious letters at his email address at night. The e-mail said the withdrawal of funds from his Bank account. According to the victim, the attackers managed to withdraw about 420 000 UAH.

During a pretrial investigation, law enforcement officers found two 33-year-old men who were involved in the crime. It turned out that one of them was engaged in the configuration and support of Internet resources.

The attacker used the vulnerability of the victim's online resource to steal funds. First of all, he blocked the work of the resource and the owner’s access to it. After that, the hacker transferred to his electronic wallets all the owner's funds.

According to investigators, the second participant of the criminal group who at that time was in another city began his part of the work. He conducted a number of transactions with various e-wallets to redirect funds, transferred them to cryptocurrency and then cashed.

Cyber Police officers together with Police investigators conducted six authorized searches at the same time. According to their results, computer equipment, additional media, draft records and mobile phones were seized.

According to the article on unauthorized intervention in work of computers, hackers face up to three years of imprisonment.


Criminals use new method to steal money from Sberbank customers



A new type of fraud using Sberbank ATMs appeared in Russia. Criminals use the imperfection of technology and inattention of citizens.

According to police, the attacker did not insert a Bankcard into the machine, chose any operation and did not complete it. When the next customer came to the machine, he saw on the screen of ATM a proposal to insert the card and enter the pin code. When he did all, the operation of the attacker was automatically completed, after which the money was debited from the cardholder's account.

First cases of such theft appeared six months ago. But in the last two weeks, the number of complaints from citizens to the police about this has increased rapidly. In all cases, the theft was committed when there was a queue at the ATM.

The the scheme worked only if the pin code was entered within one and a half minutes, otherwise, the terminal interrupted the operation. Police noted that attackers started using this scheme half a year ago but in the last two weeks the number of such incidents increased sharply.

Some experts believe that the problem is in the technology: normally, you must first to insert the card and then choose the operation. The second problem, according to experts, is a too long time-out. The basic time-out is 30 seconds. According to Yevgeny Tsarev, the RTM Group expert, a 90 seconds timeout is a serious vulnerability, and not technical, but social because an unprepared user can easily insert his card without looking at the monitor. Sberbank must reconfigure ATMs and reduce the time of the session, believes Mr. Tsarev.

An interesting fact is that on the channel "Russia 1" on the show with the participation of the head of Sberbank German Gref TV host said that customers of Sberbank are protected by graduates from the Faculty of Cybersecurity of leading Russian technical universities, while still being students. The youngest employee is about 20 years old.

Hackers stole money from Kukuruza(Kykyryza) cards using Apple Pay


83 Kykyryza(Kukuruza) cardholders suffered from the theft of funds. The fraudsters gained access to the logins and passwords from the mobile and Internet banking, and then they connected Apple Pay and withdrew funds. Now the problem is solved, the money is returned.

The Kykyryza card is a multifunctional bonus payment card, which is offered to its customers by the United Russian company Svyaznoy/Euroset. The card works in the Mastercard payment system.

Since May 2 complaints of Kykyryza cardholders about the theft of their funds began to appear on the website Banki.ru. Victims of the attack received SMS that their card is connected to Apple Pay, immediately after that, the money was withdrawn to the Tele2* number. All victims indicate that they did not receive SMS or Push-notifications with a verification code to connect to Apple Pay.

It turned out that hackers attacked a social service, where they received data about the owners of Kykyryza cards to log into the account and then they checked if the victims used the same username and password in the mobile or Internet Bank. If the data was the same, then the attackers connected mobile application Kykyryza to the Apple Pay and proceeded to withdraw money.

The company Svyaznoy/Euroset confirmed the theft of funds from Kykyryza card owners, noting that the number of victims is small, as only 20 million cards were issued. According to Alexander Malis, the SEO of the company, only 83 cardholders suffered.

“The hackers stole about 2 million rubles ($ 31 000),— said Mr. Malis.— The stolen funds were already returned to all the victims.”

Vladimir Dryukov, the Director of the Solar JSOC Cyber Attack Monitoring and Response Center, noted that the mobile application with this method of theft showed two serious vulnerabilities — the lack of protection from the change device when you log in to the mobile Bank and the lack of protection from the selection of the numbers.

However, according to Mr. Malis, Kykyryza card showed a high level of security in the conditions of a mass attack. He also clarified that a special update has already been released, which will not allow an unauthorized user to change the mobile device.

There are tens of thousands of cyber criminals in the world, says kaspersky

Russian experts from Kaspersky Lab, the company, specializing in the development of protection systems against computer viruses, spam, hacker attacks and other cyber threats, revealed the details of hackers. According to them, there are currently tens of thousands of cybercriminals on the Internet, of which at least 14 hacker groups specializing in certain groups of users and organizations are Russians.

According to experts, financial cybercriminals are the largest group. They attack banking infrastructure, business and individuals. There are several schemes giving the opportunity to withdraw funds from corporate accounts and go unpunished.

There are also a number of hacker groups developing phishing and spyware programs. They are the most technically equipped.

The drops, which are responsible for contacts with the physical world, risk more than others. Next in the list are botters, or operators, who remotely control malicious computer software.

"In total, there are several tens of thousands of hackers in the world who must be constantly trained. Inexperienced hackers can simply lose their jobs without new knowledge due to the active development of technology ", — said the experts of Kaspersky Lab.

Hackers mainly communicate among themselves in half-closed or closed forums. They have the opportunity to discuss, group and involve third-party experts to cooperate. Every day several dozens of new topics appear on such forums. An entry ticket to closed forums can be an entrance fee or recommendation from a hacker with a reputation. Top spyware developers usually ignore the forums. According to experts, only several hundred people in the world are in the highest category of hackers.

Hackers reportedly helped the daughter of a celebrity to win the show "The Voice Kids Russia"

A loud scandal occurred on the weekend at the Russian television program "Voice of Children". The reason is the final vote, as a result of which Mikella Abramova, the daughter of the famous Russian singer Alsu, won the final of the show with a huge difference of votes. The management of the First Channel Russia demanded a thorough investigation of the incident. Some stars of show business expressed that there was a falsification.

The experts believe that there are several possibilities why the daughter Alsu unexpectedly won with a huge margin, without being the favorite in the final. Experts do not exclude that there was a hacker attack.

Alsu's family decided not to comment on the incident until the results of the vote verification in the final of the show, which the First channel instructed to make an international company Group-IB, are announced. It is noteworthy that this company is an official partner of Interpol. It is known that the counting of votes took place automatically, so now there is a manual verification of each vote, which can take a long time.

A specialist in independent cybercrime investigations said that high-level hackers could substitute the final results of the vote or install an algorithm in the automatic vote counting system, according to which one vote was taken as several.

"It is quite easy to check, there will be a significant difference between the recorded votes and the controversial result. Also, insiders, who in their own interests influence the process, can conduct an attack,” the expert explained.

The expert noted that his colleagues will first analyze the electronic journals of the site to identify deviations. Moreover, manual cheating was used when interested people buy several SIM cards and send SMS in favor of the desired people. The specialist stressed that they need more time and court permission to check this method of fraud.

According to the expert, the second possibility why the daughter Alsu unexpectedly won the show, is the mistakes of the voting system. The expert does not completely exclude the second possibility because from time to time there are news that bugs were discovered on the websites of law enforcement agencies. And not so long ago, students found a vulnerability in the ambulance substation program.

Ukrainian cyber police again caught Russian hackers

It is not the first time when the Ukrainian cyber police declared about declassifying a group of Russian hackers.

According to police officers, hackers created a mailbox, using the Anonymizer and worked from the territory of Russia.

It turned out that they sent fake emails on behalf of Interior Minister Arsen Avakov. Emails contained rules of conduct for police officers during the elections. In addition, the police were required to take certain actions in favor of one of the candidates.

On the Internet, there is an opinion that the news is fake. Many people know that real hackers do not even need to create a mail to send messages. They can go to the server of the police and send emails directly. And can do it from any other host on which the port number 25 is open, intended for the SMTP protocol.

Perhaps citizens of Ukraine decided to joke this way. They just installed a browser with VPN and created mail. That's enough to hide location. Moreover, this incident was another reason to accuse Russia of intervening in the Ukrainian presidential election.

 

The Deputy Director hacked the education management Server of Ulyanovsk

The Prosecutor's Office of the Ulyanovsk region reported an extraordinary case in which an employee of an educational institution became a hacker.

According to the Prosecutor's office, the man knew that he had no right to any actions with the information stored on the Management Servers. However, he gained access to the Server of the Education Department of the Ulyanovsk Administration.

Namely, he got access to the data containing personal data of pupils, parents and employees of Ulyanovsk schools and deleted them. These actions led to the failure of the structural units of the Education Department.

Moreover, he found on the Internet a malicious computer program designed to neutralize computer information protection tools and installed it on the hard magnetic disk of the service computer. Thus, he managed to find password-code information to the education management Server.

Finally, the former Deputy Director of the school stopped the work of the structural units of the Education Department.

The man was exposed by the staff of the regional FSB. The suspect explained his actions as revenge to the authority for unfair actions against him. The man was charged with imprisonment for up to 5 years.

The Security Service of Ukraine tracked down a Russian hacker on the territory of Zaporozhye


As previously reported the Ukrainian President Petro Poroshenko accused Russia of hacker attacks on the Ukrainian Central Election Commission, but there was no real evidence of Russian interference in the elections.

This time the Security Service of Ukraine (SBU) claim that stopped the activities of a hacker allegedly hired by Russia to interfere in the work of servers of state institutions.

According to the press center of the SBU, the suspect is the resident of Zaporozhye region, who worked as an administrator of a closed Internet forum for cybercriminals created in the Russian Federation. There he was looking for people who had to send malicious software to the e-mail addresses of State Institutions for a fee.

Experts noted that such computer viruses are used to block the activities of information resources through connection to the State register of Ukraine. The SBU stressed that it could pose a threat to the servers or computers of the Election Commission.

Law enforcement officers searched the hacker's house and found computer equipment with programs to create and transform computer viruses. Also, they found 10 samples of harmful ready-made software which was prepared for distribution between members of a hacker forum.

An interesting fact is that the SBU earlier exposed the resident of Chernihiv region, who "worked for the Kremlin," placing the social media posts criticizing the Kiev authorities and doubts about the combat capability of the Ukrainian army, with the purpose to influence the Election of the President.

Hacker from Samara city sentenced for Creating and Selling Malware


Sergei Materov, a 42-year old hacker from Samara, the sixth largest city in Russia, has been sentenced at the Prikubansky District Court of Krasnodar for creating and distributing malicious computer programs , under part 2 of article 273 of the Criminal Code of Russian Federation.

According to the local news report, the malware created by him were capable of neutralizing security solutions installed and steal, modify, block and destroy information on the infected computer.

The convict came to Kuban to earn money. He started to do freelance software development from home. He also posted advertisements on the Internet in which he offered software development for computers.

An unnamed person responded to his ads and paid him 6800 Rubles for developing two malicious programs.

Materov was detained by the FSB officers and later sentenced to one year and three months imprisonment.

- Christina
 

Trial Of a Group Accused Of Hacking Transport Card System "Troika" To Resume On September 12



Trial of Russian hackers who are accused of hacking transport card system "Troika" and other transport cards is postponed from 31 August to September 12. The accused are Denis Kazmin, Yury Putin and Pavel Andryushin.

The group bought the details of the Turnstiles (like in metro) for the creation of malicious software. After studying the working process of Turnstiles, they developed a program in Object Pascal Programming language, namely "Terminal.exe" "ATMega128_BackDoorBootLoader.asm".

The program allowed them to get information of the carrier, memory dumps and access keys from the Turnstiles located at one of the Moscow station. The information were used for adding money to transport card and sold the card.

The hackers may receive 3 to 4 years of imprisonment

Experts were surprised, according to them, transport card fraud is a rare, because in this way you can not earn big money. The whole damage amounted to 2 million rubles.

It's interesting to note that in May 2016 another Russian researcher Igor Shevtsov did research and wrote an article(https://habrahabr.ru/post/301832/) about a critical vulnerability of transport card "TROIKA".

He explained how to fake balance of the card and how travel on public transport for free.  It took him 15 days, he used Android smartphone with NFC chip. He also created an android application TroikaDumper to exploit the vulnerability. The Representatives of Moscow metro contacted with the researcher and fixed the vulnerability after few days. The article written by Shevtsov is now removed.

- Christina
 

Yekaterinburg Police arrested a Cybercrime ring for stealing money from Bank cards


In Yekaterinburg, Police caught a group of cyber criminals for stealing money from bank cards, according to the local news report.

The accused sent fake messages to victims that says money is withdrawn from his account. It appears they have given a fake helpline number also. If the victim call that number, the criminals pretending be from Bank will convince the victim to give all information about the card and other bank related information.

The gathered information will be later used by the criminals to steal money from the victims' accounts. The criminals spent the stolen money to buy expensive cars and houses.

The cyber criminals scammed not only normal citizens from different regions of Russia, but also older generation with a small pension. The direct value of losses exceeded 600 thousand Rubles.

During the search at the location of accused, the police seized Computer Equipment, Mobile Phones, more than 50 SIM cards, Bank Cards, money and gun.

The largest bank in Central and Eastern Europe SBERBANK commented on that situation: "Bank personnel are prohibited to disclose personal details of clients and send its to third parties. If you have been contacted by strangers, who are trying to find out information about your Bank card, be careful: it's clear signs of fraud. We recommend you to call the Bank or contact the personnel at the Bank".

Voices and handwriting were examined to find the criminals in this case. Also, law enforcement officers used modern computer technology to track down criminals' place of work. The accused may receive about 5 years imprisonment.

- Christina
 

Two Israeli Teenagers arrested and charged for selling DDOS Service


Two Israeli teenagers from Sharon region were formerly arrested after eighteen months of investigation.

The Israelis are responsible for thousands of cyber attacks around the world, causing damage estimated in more than million dollars.

According to local news report, they have created a Shell company in England and sold Distributed Denial of Service (DD, OS) attack as service.

"In January of 2016, a covert investigation was opened against the suspects who set up and managed a website called vdos-s[dot]com, which sold packages created to cause the servers to crash," police told local news report.

The DDOS attack is used for disrupting access to the victims' websites. Price of the "attack pacakge" offered by them was ranged from 19.99 $ to $ 499,99.

More than two million cyber attacks were conducted in the United States, England, Holland and Sweden, causing multi million-dollar losses. Suspects earned above 613 thousand dollars. The money was seized after Bank accounts were identified and frozen.

- Christina

Ukrainian CyberPolice arrest the Hacker accused of spreading "Petya.A" virus



Ukrainian officers from cyber crime department have arrested a 51-year-old resident of Nikopol (Ukraine, Dnipropetrovsk region), who is suspected of spreading computer virus "Petya.A".

Petya is a ransomware that infects the Master boot Record(MBR). If the malware successfully infectes the MBR, it will encrypt the whole hard drive. Otherwise, it encrypts all files.

According to the local news report, the suspect published an online tutorial video explaining how to use the "Petya.A" malware to infect victim's computers. In the comments section, he also shared a link to social network on which he has uploaded the malware and distributed.

The police have conducted a search at the residence of the suspect. They have seized the computer equipments and found malicious software which is similare to the "Petya.A".

The malware is said to be infected more than 400 computers. Also a number of companies intentionally used this virus to conceal criminal activity and evasion from the payments of penalties to the state.

In June 2017, ESet reported that large number of infections happened in the Ukraine. The affected Ukrainian industries includes financial sector, energy sector.

- Christina

Russian Hacker pleads guilty for role in creating Ebury Malware

The Russians hackers who created the malware Ebury pleaded guilty to the charges brought against them.

Maxim Senach, 41 years old Russian man, inhabitant of Great Novgorod, was arrested in Finland in 2015. In January 2016 he was extradited to the United States. Now the U.S. Department of Justice reports that Senach pleaded guilty, confirming that he was engaged in the development of Ebury malware and controlled the well-known botnet.

Malware Ebury appeared in 2011 and attacked UNIX systems (Linux, FreeBSD, Solaris). Malware was installed on poorly protected servers, and Ebury had the rootkit component, and also a backdoor that allows attackers at any time to get to the server remote access. Additionally, Ebury was used to steal SSH accounting data and private keys. Then attackers also used it to infect new servers.



This malware has become well know after "Ryan Austin" (Unrelated) used it to infect kernel.org servers. It took the administrators months to clear out the infections as kernel.org is the main distribution channel for the linux source code.


Servers affected by Ebury joined in a botnet used by cyber criminals to send spam, clickfraud, traffic-diversion to malicious sites or to sites which paid for "advertising." Ebury totally infected more than 500,000 computers and 25,000 servers. The botnet could send out 35 000 000 spam emails daily, and divert more than 500 000 people to malicious sites. According to law enforcement agents operators of the botnet benefited millions of dollars.

As stated above, Senach pleaded guilty to all charges and now he faces 30 years in prison. The verdict will be announced on 3 August 2017.

Cyber crime goes up by 103.2 percent in UP


Cyber crime has been increasing in Uttar Pradesh, however, the State government seems to have no plan to control it. The number of people arrested on the charges of cyber fraud in 2014 has increased by 103.2 percent comparing to 2013.

A news report published in Times of India (TOI) confirmed that 1,223 computer professionals and hackers were arrested across the state under cyber crime act in 2014, which was more than 103.2% in comparison to 2013. A total of 602 people were arrested in 2013.

TOI published a data of National Crime Record Bureau (NCRB) showed that majority of the people were between 18 to 45 years old. Among them, 15 employees or disgruntled employees and 62 business competitors were also held by police. The statistics revealed that 2013 witnessed a 122.5% jump in cyber offences over 2012.

The NCRB revealed that UP had 18.1% share of cases reported under cyber crime during 2014. Moreover, majority of 898 cases lodged across the state under Section 66 A of IT Act were computer related offences. A total of 1,042 cases were lodged under Sections 66 A to 66 E.

Similarly, it also revealed that 36 cases (under Section 65) were registered on charges of tampering computer source documents. Similarly, 371 cases were reported under Section 67 and 67 A to C on the charges of publication or transmission of obscene/sexually explicit material.

According to the news report, in 2014, cyber crime cases were registered for tampering computer source document, hacking (damage to computer resources utility and hacking cases), obscene/publication/transmission, unauthorized access/attempt to protected computer system, obtaining digital signature by misrepresentation and publishing false digital signature certificate, fraud digital signature and breach of confidentiality and privacy. Under IPC sections, 78 cases of forgery, cheating, data theft, criminal breach of trust and fraud were registered. 

Silk Road case, former US Secret Service agent found guilty

Shaun Bridges, a former US Secret Service agent, has pleaded guilty for stealing $820,000 (£521,000) of bitcoins during the investigation of the Silk Road website.

He was part of the federal task force, which helped in the investigation and shut down of  the Silk Road,  an underground marketplace for drugs.

He was not only pleaded guilty for stealing bitcoins  but also for money laundering and obstruction in justice, during a court hearing on Monday in San Francisco. He will be sentenced in December.

The theft was carried out while the investigation was going on. Bridges used an administrator account of the Silk Road to reset the password and move 20,000 bitcoins to his account. He tried to hide his theft via a series of complex financial manoeuvres.

In May, Ross Ulbricht founder of the Silk Road was sentenced to life in prison for running the site.

He is not the only agent who was pleaded guilty of stealing digital cash in this case.  Bridges is the second agent involved in the case caught stealing digital cash. In early July, former US Drug Enforcement Agency agent Carl Force pleaded guilty to three charges in connection with more than $700,000 in bitcoins he had stolen from Silk Road users.

"There is a bright line between enforcing the law and breaking it," said US assistant attorney general Leslie Caldwell in a statement. "Law enforcement officers who cross that line not only harm their immediate victim but also betray the public trust."

The Silk Road was shut down in October 2013 when raids by the FBI and other federal agents led to the arrest of its founder.

Russian hacker's profit frozen after manipulating Australian stockmarket


The New South Wales Supreme Court has restrained more than $77,000 of a suspected Russian hacker, who manipulated penny stocks on the Australian share market.

The joint operation by the Australian Securities and Investments Commission (ASIC) and Australian Federal Police (AFP) investigated a series of suspicious trades in cheap “penny stocks”.

After the operation, “Operation Emerald”, the investigators targeted the suspected Russian hacker , who manipulated market through an overseas account that traded through Morgan Stanley Australia.

ASIC’s surveillance team  spotted the suspicious trades in between August and October last year.

According to the ASIC,the trades were made through hacked retail clients account, and they targeted 13 penny stocks.

ASIC commissioner Cathie Armour said that they will continue to “help smash” any criminal activity targeting the Australian market.

“[ASIC] staff continue to monitor and detect suspicious trading activity and work with market participants to ensure account hacking is swiftly identified and stopped,” Ms Armour said.

Penalty of up to 10 years in jail for manipulating the market.