[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Friday, 10 October, 2003, 10:55 GMT 11:55 UK
US hacker accused of massive fraud
Computer keyboard
The accused spied on his victim's keystrokes, accusers say
A US teenager has been accused of perpetrating an extraordinarily complex crime, involving computer hacking, identity theft and fraudulent financial-market trading.

The US Attorney's Office in Massachusetts has charged 19-year-old Van Dinh with securities fraud, mail and wire fraud, and causing damage in connection with unauthorised use of a computer.

At the same time, the Securities & Exchange Commission (SEC), the US financial market regulator, has filed a complaint against him, alleging "numerous violations of the federal securities laws".

Both cases accuse Mr Dinh of hacking into client accounts at a US brokerage in order to buy and sell share options, and adopting a web of aliases to cover his tracks.

But according to the SEC, the authorities - once alerted - were able to unravel and eradicate the fraud without difficulty.

"To those who attempt to use the perceived anonymity of the internet to victimise investors, our message remains clear: we will track you down and hold you accountable," said Linda Chatman Thomsen of the SEC's enforcement division.

Evasive action

Mr Dinh's fraud arose from an attempt to avoid losses on share options - financial instruments that allow investors to speculate by buying or selling shares at a pre-arranged price and date.

How hackers commit fraud
Get in touch with investors through online forums
E-mail them with downloadable share-price chart program
Program records victim's keystrokes, allowing fraudster to work out passwords
Use passwords to access victim's online trading account
Use victim's account to buy worthless stock from fraudster's other accounts
Try to conceal fraud with multiple e-mail accounts and websites
According to the SEC complaint, Mr Dinh bought 9,100 options on shares in hi-tech firm Cisco Systems for $10 apiece in late June - options which looked likely to become worthless as their mid-July expiration date approached.

Facing potentially catastrophic losses, Mr Dinh allegedly obtained e-mail details of other investors, and sent them a program that posed as a charting tool, but was in fact a "Trojan Horse", allowing him to spy on their computer keystrokes.

Using the password and other personal information gathered this way, the SEC says, Mr Dinh then hacked into an account at the brokerage TD Waterhouse, and used it as a fake purchaser for his near-worthless options.

The SEC says this bogus transaction saved him $37,000 in trading losses.

Complex case

The flaw in Mr Dinh's scheme was that the legitimate owner of the TD Waterhouse trading account naturally noticed the heavy losses, as well as the thousands of worthless share options.

Mr Dinh tried to cover his tracks, the complaint alleges, by using internet service providers in Ireland, Germany and Australia - precautions that investigators from the FBI and SEC say were easily penetrated.

The case is the first time that the SEC has become closely involved in a hacking case, few of which relate directly to securities fraud.

And if Mr Dinh is convicted, it could produce one of the heavist punishments so far achieved in this type of case.

The US attorney points out that the fraud counts carry a maximum prison term of 20 years, with another 10 years for computer crime.

On top of that, the law provides for three years of probation and a fine of up to $1m.

The SEC is also demanding that Mr Dinh repay all the stolen money and offer unspecified damanges.

US port 'hit by UK hacker'
06 Oct 03  |  Hampshire/Dorset
Hacker hit parade goes live
05 Aug 03  |  Technology
Closing the holes on hackers
03 May 03  |  Technology
Spammers and virus writers unite
30 Apr 03  |  Technology
Commuters hack wireless networks
26 Mar 03  |  Technology
Prominent hacker Mitnick hacked
11 Feb 03  |  Technology
Why we need hackers
15 Nov 02  |  Technology
How to hack people
14 Oct 02  |  Technology

The BBC is not responsible for the content of external internet sites


News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific