MANHATTAN (CN) – A federal indictment unsealed Tuesday says two men from Macau and one from China made millions in inside trading after hacking powerful law firms with New York offices.
U.S. Attorney Preet Bharara unveiled the 13-count superseding indictment in announcing the Christmas Day arrest of one of the accused hackers.
Iat Hong, 26, was taken into custody in Hong Kong and presented for an initial appearance the next day before a judge there.
Pending his extradition, Hong is expected to have his next court appearance on Jan. 16.
Hong’s co-defendant, 50-year-old Chin Hung is a resident of Macau. The third defendant, Bo Zheng, 30, is a resident of Changsha, China. The Securities and Exchange Commission brought a complaint of its own in the same court. It named Hong's mother, Sou Cheng Lai in Macau, as "a relief defendant because her accounts received illegal profits from defendant Hong's trading as part of the fraudulent scheme."
Prosecutors say the defendants targeted at least seven law firms, and successfully penetrated the networks of at least two unnamed firms from April 2014 through late 2015.
To acquire inside information, the defendants allegedly targeted the email accounts of attorneys who worked on high-profile mergers-and-acquisitions transactions.
Expecting that the implicated companies would see jumps in their stock prices, the defendants bought up shares, according the indictment.
The government says Hong, Hung and Zheng made at least $4 million by investing in at least five publicly traded companies before public announcements that those companies would be acquired, and then selling those shares once the acquisitions were made public.
Omitting any identifying details, the government says one of the hacked firm had been retained in June 2014 to advise a company on the contemplated acquisition of drugmaker Intermune.
Hong, Hung and Zheng began exchanging emails beginning on July 21, 2014, concerning particular partners at the law firm who worked on mergers and acquisitions, according to the complaint.
By July 29, Hong allegedly emailed Hung a list of 11 partners at the law firm, including the attorney who was working on the contemplated Intermune transaction.
Prosecutors say the defendants used the credentials of one employee of the firm that same month to access one of the law firm’s web servers without authorization.
After installing malware on the server, the defendants allegedly gained unauthorized access to the firm’s email.
The unnamed partner from Hong’s list meanwhile began receiving emails about the merger deal in August, according to the complaint.
During those same days, “the defendants caused more than 40 gigabytes of confidential data to be exfiltrated from the Law Firm-1 email server,” a statement from the Justice Department says.
Hong allegedly bought 7,500 shares of Intermune stock on Aug. 13 for certain trading accounts that had never bought Intermune shares prior to that date.
Hong bought another 1,000 shares of Intermune stock in the trading accounts later that day. Hong and Zheng bought an additional 9,500 shares on Intermune stock between Aug. 18 and Aug. 21, 2014, according to the indictment.