Security News > 2022 > May > US charges hacker for breaching brokerage accounts, securities fraud
Many of the victimized entities were U.S.-based financial institutions and brokerage firms that suffered direct system compromise from Mustapha and his co-conspirators, who performed unauthorized transactions using other peoples' brokerage accounts.
"The defendant was part of a nefarious group that caused millions of dollars in losses to victims by engaging in a litany of cybercrimes, including widespread hacking, fraud, taking control of victims' securities brokerage accounts, and trading in the name of the victims," stated U.S. Attorney Breon Peace.
Starting in 2011, Mustapha and at least one Lithuanian co-conspirator engaged in various schemes to obtain unauthorized access to U.S.-based email servers that supported bank account and brokerage account access to customers.
The hackers stole email account credentials and then used them to log in to bank and brokerage platforms.
In the case of the brokerage accounts, Mustapha accessed them directly and transferred amounts or the entire online securities to other firms and new accounts.
To bypass the imposed blocks that some of the firms placed as an anti-fraud measure, the aggressor fraudulently used the victims' accounts to place unauthorized trades that benefited stocks under his control.