An Indian national was sentenced Monday to 81 months in prison for hacking into online brokerage accounts and using those accounts to manipulate stock prices for personal gain.
Jaisankar Marimuthu, 36, of Chennai, India, was also ordered to pay close to $2.5 million in restitution to the more than 90 people and seven brokerage firms that were victims of his illegal capers.
In February, Marimuthu pleaded guilty in federal court in Omaha to one count each of conspiracy to commit wire fraud, securities fraud, computer fraud and aggravated identity theft.
Marimuthu was arrested in Hong Kong and extradited to the U.S. last June. He had initially pleaded not guilty to the charges, but changed his mind earlier this year.
Related Story: Iceman gets 13 years, must pay $27.5M to hacking victims
One of his accomplices, Thirugnanam Ramanathan, 37, had in June 2008 pleaded guilty on the same charge and was sentenced to a two-year term. Ramanathan, however, was deported to India last year before completing his prison term. A third conspirator, Chockalingham Ramanathan, 36, who has been indicted on 23 criminal counts including computer fraud and aggravated identity theft, remains at large.
Court documents said Marimuthu and his accomplices ran a hack, pump and dump scheme in which they would buy large volumes of thinly traded stocks and then sell those stocks after first artificially inflating their price.
Between February 2006 and December 2006, Marimuthu and his cohorts, all of whom operated out of Chennai and Thailand, hacked their way into numerous brokerage accounts at investment companies including T.D. Ameritrade, which is based in Omaha, E*Trade, Schwab and Fidelity. The documents do not describe how the three gained access to customer accounts at these firms. However, all three appear to have somehow gained access to the full names, addresses, Social Security numbers and other personal details of their victims.
Once they obtained access to the accounts, the three individuals used those accounts to illegally purchase large volumes of thinly traded securities. They drove up the prices of low-volume stocks they already owned, by buying shares with the hacked accounts, then dumping the stocks before the price dropped, authorities said.
In August 2006 for instance, Marimuthu and his accomplices used compromised accounts at TD Ameritrade, Schwab and other companies to purchase a large number of shares in a firm called Acorda Therapeutics. Their actions resulted in Acorda share volumes’ rising from an average of around 31,000 shares daily to more than 300,000 shares. The increased volume resulted in Acorda’s share price rising from $3.19 to $3.70 in one day. Marimuthi and the two others took advantage of the artificially inflated price to then dump their own shares at a substantial profit.
Court documents describe numerous other instances where the trio profited from an identical hack, pump and dump approach. Some of the companies whose share prices were artificially inflated as a result of the illegal activities of Marimuthu and the others included Pacel Corp, and CTR Investments and Consulting Inc. In each case, Marimuthu and the others had first already purchased huge quantities of each company’s shares.
In each case, law enforcement official were able to trace the illegal transactions to IP addresses in India and Bangkok, Thailand, that were associated with Marimuthu and his accomplices.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld.