SEC Goes After Online Trading Firms That Unwittingly Helped Latvian Hacker

In an effort to crack down on hacker/stock traders who hijack brokerage accounts and exploit the stock market for gain, the Securities and Exchange Commission has, in a novel move, gone after four online trading companies and eight executives who they say helped a Latvian hacker make more than $850,000 from fraudulent trades.

According to the complaint, filed by the SEC in federal court in San Francisco (.pdf), a 34-year-old individual using the name Igors Nagaicevs hijacked the online brokerage accounts of numerous customers over a 14-month period between June 2009 and August 2010 and began selling off their stocks. Using the equity in their accounts, he then made fraudulent purchases of other stocks he already owned, in order to artificially inflate the price of those stocks so he could sell them off at a profit.

Nagaicevs was able to do this more than 150 times without being stopped, in transactions that cost customers more than $2 million in losses before they were reimbursed by their brokerage firms.

Nagaicevs conducted the activity, in part, through accounts that he opened with eight online trading firms, four of which are U.S.-based outfits that are accused by the SEC of operating unregistered trading firms. According to the SEC, which can only bring civil or administrative charges against a company or individual, not criminal charges, the companies failed to implement safeguards that would have caught Nagaicevs’ activity much sooner — safeguards that they would have been required to implement had they been registered trading firms.

“These firms gave Nagaicevs a gateway to the U.S. securities markets while circumventing the protections of the federal securities laws, including requirements for brokers to maintain and follow adequate procedures to gather information about customers and their trading,” reads an SEC press release on the case.

The SEC’s Market Abuse Unit, headed by Daniel M. Hawke, conducted the investigation.

Hawke, who called Nagaicevs’s scheme “diabolical,” told Threat Level that it was “the access that was provided by these firms that really makes the case novel and significant. We’ve never brought a case charging these kinds of registration violations in connection with account intrusions.”

Nagaicevs first opened accounts with the unregistered firms and purchased stocks. He would then set up buy and sell orders through the firms’ brokering partners. Turning to the hacked accounts, he would then buy up shares of the stock he already owned, without the account holders’ knowledge, thus inflating the price of the stock until it triggered his sell order, earning him a profit in the transaction.

The transactions were always completed on the same day, usually within 15 to 20 minutes. According to the complaint, Nagaicevs’s activity was often “responsible for more than 50 percent of the subject stock’s daily trading volume as a result of the manipulative scheme.”

In one case involving stock for Greenbriar Companies, within the span of 32 minutes on Oct. 26, 2009, Nagaicevs generated more than $14,000 in illegal profits by twice driving up the price of the stock. The opening price of the stock on the morning of Oct. 26 was $9.94. But at 12:02 p.m. that day, Nagaicevs purchased 20,000 shares of the stock at an average price of $10.05.

Minutes after the purchase, an online brokerage account that was illegally accessed purchased 49,000 shares of the same stock at prices between $10.20 and $10.40. Around the same time, Nagaicevs’s own account was selling off his stock at prices ranging between $10.40 and $10.49, netting him a tidy profit of $7,066. When the stock price plunged following his sell-off, he bought it again through another account and proceeded to inflate the price a second time in the same day, using the hacked account, until he’d earned another profit of $7,076.

He repeated this activity 159 times using various accounts, acting as a virtual one-man market, before he was halted.

Nagaicevs has been charged by the SEC for deceptive conduct and transactions, but given that he’s believed to be based in Eastern Europe and outside the jurisdiction of the SEC or the Department of Justice, the SEC went after the firms that enabled his fraudulent activity through their own violations of the law. The SEC’s charges against the firms are administrative in nature, so the executives are not facing jail time but do face fines, and will be required to register their firms going forward.

The electronic trading firms, and the targeted executives, are:

Mercury Capital of California, through which Nagaicevs made more than $433,000 in fraudulent profit from 77 intrusions into victim accounts. The charges extend to Lisa R. Hyatt, president, and Douglas G. Frederick, an associate with the firm.

Alchemy Ventures, also in California, helped Nagaicevs make more than $140,000 in fraudulent profit. The charges include Mark H. Rogers, president of the firm, and Steven D. Hotovec, vice president.

KM Capital Management of Pennsylvania, whose service helped Nagaicevs rake in more than $121,000, along with co-owners Joshua A. Klein and Yisroel M. Wachs.

Zanshin Enterprises, of Idaho, along with Frank K. McDonald, managing member, and Richard V. Rizzo, an associate.

One of the firms, Mercury Capital, and two of the executives, Hyatt and Rizzo, have agreed to settlements acknowledging their failures. Hyatt and Rizzo have also agreed to pay a $35,000 penalty each.