Three Chinese Charged with Hacking Law Firms and Stealing Insider Trading Data

Share this…

The US charged three Chinese nationals with hacking two New York law firms and stealing data from their email servers, which they later used to make a profit on the stock market.

The three suspects are Iat Hong, aged 26 from Macau; Chin Hung, 50, of Macau, and Bo Zheng, 30, of Changsha, China. Of the three, only Hong is detained and awaiting extradition, after he was arrested in Hong Kong on Christmas Day. The two other suspects remain at large.

Two of the three hackers breached at least two US law firms

According to an indictment, embedded below, Hong and Hung teamed up between from April 2014 and up to the fall of 2016 to hack US law firms with the purpose of stealing insider trading information.

FBI investigators say that the two had obtained login credentials for employees at two US law firms, accessed their companies’ backends, and infected the servers with malware.

They used their malware to steal data from the companies’ email servers, which they analyzed for upcoming stock market transactions.

Hackers involved in at least 13 fraudulent stock market transactions

From Law Firm 1, the two stole 52.8GB of emails, where they discovered that the law firm was in the midst of negotiating two future acquisitions: the sale of Intermune to Roche AG, and the sale of Altera to Intel.

The two hackers bought 18,000 Intermune shares based on the information they discovered, hoping the share price would go up when the sale became public. The market reacted as they hoped, and the Intermune share price grew 40%, resulting in profits of approximately $380,000 for the two hackers.

Similarly, the two bought over 210,000 Altera shares, which rose 26% on the day the Intel acquisition was announced, pocketing the two crooks a profit of $1.4 million.

Hackers made over $4 million in profits

Hong and Hung also gained access to email data from a second law firm, Law Firm 2, starting with April 2015. From this second target, the two stole 7GB of emails, where they found information about the upcoming sale of Borderfree Inc. to Pitney Bowes Inc.

As they did before, the two bought 113,000 shares of Borderfree stock, which they sold for a profit of $841,000 on the day the acquisition became public and Borderfree stock rose 105%.

Besides these three transactions, FBI investigators said they are still investigating ten other market operations conducted by the Hong and Hung. In total, authorities suspect that the two hackers pocketed over $4 million from their insider trading operations.

Additionally, the FBI said it also found evidence that the two also attempted to hack five other US law firms, but those investigations are still ongoing.

Not the first time hackers made a profit on the stock market

The FBI and the official indictment did not name the two hacked law firms. In March 2016, The Wall Street Journal reported that the FBI was investigating different hacks at two New York-based law firms named Cravath Swaine & Moore LLP and Weil Gotshal & Manges LLP. The two law firms have declined to comment on the recent indictment.

This incident is not the first time when hackers have breached companies involved with the US stock market. In 2015, the US arrested and requested the extradition of several Ukrainian and Russian nationals who hacked multiple business newswire services and stole press release announcements for upcoming financial market transactions.

Officials said the group made over $90 million in profits. The hacked PR newswire services were Marketwired, PR Newswire and Business Wire.

Hackers also breached robotics firm

The third suspect, Zheng, was indicted because together with Hong and Hung, had conspired and hacked an unnamed robotics firms from where they stole confidential proprietary design schematics for consumer robotics.

The three suspects are associates at a Chinese company that develops robot controller chips. Authorities suspect the three used the stolen intellectual property to advance their business.

Source:https://www.bleepingcomputer.com