Russian hacker manipulated Australian stockmarket


news Police and the national markets regulator yesterday alleged that a Russian hacker had last year broken into IT systems in major Australian financial institutions and manipulated penny stocks for a profit.

In a statement released yesterday, the Australian Federal Police noted that the the Supreme Court of New South Wales had ordered more than $77,000 to be restrained following a joint ASIC-AFP operation into the hacking of online accounts of retail investors.

Operation Emerald investigated an internet hacking, market manipulation and money laundering operation involving a client account held overseas that traded through Morgan Stanley. The suspicious trades, which occurred between 18 August 2014 and 21 October 2014, were detected by ASIC’s surveillance team and immediate action was taken (with the assistance of Morgan Stanley) to prevent the profits from being distributed.

Following an investigation, ASIC uncovered the unauthorised trades were made by a suspected Russian hacker who allegedly hacked into a number of retail client accounts held with Commonwealth Securities, Etrade Australia and Australian Investment Exchange.

By using the allegedly hacked client accounts the suspected Russian hacker targeted 13 penny stocks listed on the Australian Securities Exchange (ASX) and traded them in such a way that he created an artificially inflated price. Subsequent to this trading the suspected Russian hacker then allegedly traded out of the positions, collecting the profits generated.

Following ASIC’s investigation, action was decided to be taken in relation to the profits of the trades. Following a referral from ASIC, the Commissioner of the AFP made an application under the Proceeds of Crime Act 2002, leading to yesterday’s seizure of the $77,000. The matter has been adjourned until February 2016.

ASIC Commissioner Cathie Armour said: “ASIC will continue to work with its partners here and overseas to help smash any criminal activity that is targeting our market. ASIC has a world-class surveillance system to gather, match and analyse data to uncover misconduct, and its staff continue to monitor and detect suspicious trading activity and work with market participants to ensure account hacking is swiftly identified and stopped.”

ASIC also works with international regulators through the Intermarket Surveillance Group as part of its crackdown on security for online broking accounts.

AFP Manager of the Proceeds of Crime Litigation team (POCL) David Gray said the result of this joint investigation should serve as a strong reminder to those who wish to conduct illegal money laundering activities in Australia.

“Despite efforts by criminals to evade detection, the AFP and its law enforcement partners remain committed to taking the profits out of crime and will take every opportunity to stop criminals from reinvesting these profits to fund other criminal ventures,” Gray said.

ASIC and the AFP’s statement acknowledged the assistance of Morgan Stanley, Commonwealth Securities, Etrade Australia and Australian Investment Exchange in the matter.

No massive surprise that this is going on — if anything, I suspect this will merely be the tip of a very large iceberg. And of course, we often don’t get the full story from AFP media releases about what’s happening behind the scenes. However, I must not that it is impressive that ASIC and the AFP were able to detect and stop the hacker. It shows that our financial system does have a degree of robustness when faced with this kind of threat.


  1. Silly Hacker. Obviously they don’t know how to make obscene profits from immoral behaviour by simply working within the system. Or they could purchase put options and then send a bogus media release through Reuters, causing the share price to plummet. But that would require a level of finesse they obviously lack.

  2. Hilarious.

    Chicken feed in the sharemarket, but billions in illegal property purchases go un policed.

  3. Why pump and dump when you can just buy a 100 stolen client login credentials and DIY the trade? I am amazed this was picked up for such a small (by comparison) sum of money though. I guess with virtually all trading now being electronic, it’s not hard to find this stuff if you are running the right searches on the right data, but that must be one massive data set.

    FWIW I pulled all my investments out of the share market years ago. I’ll leave it to the HFT ‘bots and the corporatocracy. Between them they control too much of the market for small players to matter, making it more of a gamble that a sound investment strategy.

  4. Heard about this on the radio this morning, the “security expert” featured gave the brilliant advice of using strong passwords to protect yourself. Obviously hasn’t heard of malware before.

    • They don’t want to spook anyone into fearing it is not safe. The financial market operates entirely on confidence. No need to even run the risk that some of the little people might get skittish. ;-)

Comments are closed.