Former Teen Stock Swindler Pleads to New Hacking Charges
By Kevin Poulsen
October 7, 2009
2:53 pm
Categories: Breaches, Hacks and Cracks
A former teenage hacker who once served prison time for an online stock-trading scheme pleaded guilty last week to new charges of cracking a New York-based currency exchange service and gifting himself more than $100,000.
Van T. Dinh leaves a federal courthouse in Philadelphia in 2003, when, as a 19-year-old Drexel University student, he was charged with a hacking scheme the SEC called unusually complex.
AP Photo/Mark Stehle
On Sept. 29, Van T. Dinh, now 25, confessed to computer fraud and identity theft in federal court in Manhattan.
Dinh, who lives in Pennsylvania, gained notoriety in 2003, when, as a 19-year-old stock trader, he found a novel way to unload a bad investment in thousands of worthless stock derivatives: He hacked into another trader’s account, and bought the options from his own account.
The gambit made Dinh the first person charged by the Securities and Exchange Commission with a fraud involving both computer hacking and identity theft. He was sentenced in 2004 to 13 months in prison, followed by three years of supervised release.
The punishment evidently did little to suppress Dinh’s appetite for high-risk ventures. Last Dec. 30, according to an FBI affidavit (.pdf), Dinh set up a legitimate account with an online currency exchange service based in New York. Two weeks later, he logged in using an administrative password and added $55,000 to his account. The bureau says he added another $55,000 two days after that.
digg_url = 'http://www.wired.com/threatlevel/2009/10/dinh/';
At the same time, Dinh used his access to make currency trades on two other customer accounts, and then gave one of them $140,326.75, according to an affidavit by FBI agent Frank Manzi.
The FBI traced the hacking to an IP address assigned to the home Dinh shares with his mother in Phoenixville, Pennsylvania, near Philadelphia. Dinh was arrested March 16 on an earlier version of the federal complaint. He’s being held without bail at the Metropolitan Correctional Center in New York as a “danger to the community by hacking activities,” among other reasons.
The victim company isn’t identified in court documents, and it appears that the scam was uncovered before any money left the company’s coffers. But the FBI says the hack cost the company more than $5,000 in restoration and recovery costs.
Dinh did not respond to a letter sent to him in jail following his arrest. A phone call to his house was not returned.
The hacker’s early legal trouble also involved online trading accounts.
In 2003, Dinh found himself the unhappy owner of $90,000 of Cisco“put” options that were on the verge of expiring without a payoff.Instead of absorbing the losses, the young trader used a Trojan horse program disguised as a stock charting tool to take control of an innocent victim’s online stock account. He then had the victim’s account purchase $37,000 worth of his options, shaving his losses.
At his sentencing hearing on that earlier case, prosecutors read from an electronic diary found on Dinh’s computer.
“I am so proud of myself for my ‘hacking business’ — I will never regret what I did,” Dinh wrote. “I am the best of the best Trickster. I laugh often when Mom says she worries … Even if I go to jail — big deal -— I will learn something there. Hahaha.”
By Kevin Poulsen
October 7, 2009
2:53 pm
Categories: Breaches, Hacks and Cracks
A former teenage hacker who once served prison time for an online stock-trading scheme pleaded guilty last week to new charges of cracking a New York-based currency exchange service and gifting himself more than $100,000.
Van T. Dinh leaves a federal courthouse in Philadelphia in 2003, when, as a 19-year-old Drexel University student, he was charged with a hacking scheme the SEC called unusually complex.
AP Photo/Mark Stehle
On Sept. 29, Van T. Dinh, now 25, confessed to computer fraud and identity theft in federal court in Manhattan.
Dinh, who lives in Pennsylvania, gained notoriety in 2003, when, as a 19-year-old stock trader, he found a novel way to unload a bad investment in thousands of worthless stock derivatives: He hacked into another trader’s account, and bought the options from his own account.
The gambit made Dinh the first person charged by the Securities and Exchange Commission with a fraud involving both computer hacking and identity theft. He was sentenced in 2004 to 13 months in prison, followed by three years of supervised release.
The punishment evidently did little to suppress Dinh’s appetite for high-risk ventures. Last Dec. 30, according to an FBI affidavit (.pdf), Dinh set up a legitimate account with an online currency exchange service based in New York. Two weeks later, he logged in using an administrative password and added $55,000 to his account. The bureau says he added another $55,000 two days after that.
digg_url = 'http://www.wired.com/threatlevel/2009/10/dinh/';
At the same time, Dinh used his access to make currency trades on two other customer accounts, and then gave one of them $140,326.75, according to an affidavit by FBI agent Frank Manzi.
The FBI traced the hacking to an IP address assigned to the home Dinh shares with his mother in Phoenixville, Pennsylvania, near Philadelphia. Dinh was arrested March 16 on an earlier version of the federal complaint. He’s being held without bail at the Metropolitan Correctional Center in New York as a “danger to the community by hacking activities,” among other reasons.
The victim company isn’t identified in court documents, and it appears that the scam was uncovered before any money left the company’s coffers. But the FBI says the hack cost the company more than $5,000 in restoration and recovery costs.
Dinh did not respond to a letter sent to him in jail following his arrest. A phone call to his house was not returned.
The hacker’s early legal trouble also involved online trading accounts.
In 2003, Dinh found himself the unhappy owner of $90,000 of Cisco“put” options that were on the verge of expiring without a payoff.Instead of absorbing the losses, the young trader used a Trojan horse program disguised as a stock charting tool to take control of an innocent victim’s online stock account. He then had the victim’s account purchase $37,000 worth of his options, shaving his losses.
At his sentencing hearing on that earlier case, prosecutors read from an electronic diary found on Dinh’s computer.
“I am so proud of myself for my ‘hacking business’ — I will never regret what I did,” Dinh wrote. “I am the best of the best Trickster. I laugh often when Mom says she worries … Even if I go to jail — big deal -— I will learn something there. Hahaha.”
No comments:
Post a Comment