washingtonpost.com
Hack, Pump And Dump

By Ellen Nakashima
Washington Post Staff Writer
Friday, January 26, 2007

Aleksey Kamardin reaped $13,158 in just 104 minutes buying and selling penny stocks.

The 21-year-old bought 43,000 shares in a small Wisconsin equipment company that makes, among other things, potato harvesters. He sold the shares less than two hours later at nearly double the investment.

But Kamardin's is no success story. Instead, federal authorities say, his methods place him at the front of a wave of techno-criminals who meld computer hacking with identity theft to create nightmares for legitimate investors.

Kamardin and his accomplices allegedly hacked into four online trading accounts of unsuspecting investors, selling off their holdings in higher-valued companies to purchase shares in Thomas Equipment, a firm whose stock that day soared from 26 cents to 80 cents a share, authorities said. The trading volume of Thomas increased tenfold.

Kamardin, allegedly part of an East European ring, repeated this scheme on 13 other occasions in July and August, defrauding investors of $82,960, according to a civil complaint filed yesterday by the Securities and Exchange Commission.

The complaint is one of the first the SEC has brought in response to an emerging trend of the digital era: a modern version of the old pump-and-dump stock scam.

"You wake up in the morning and all your blue chips are gone, and instead you own a microcap stock that is virtually worthless," said John Reed Stark, chief of the SEC's Office of Internet Enforcement. Stark added that he expected more complaints in the coming weeks, saying, "This is an area where we've become increasingly concerned."

The FBI is also investigating the case, which involved at least 27 accounts and 14 companies at brokers E-Trade Securities, Scottrade, TD Ameritrade, J.P. Morgan Chase and Charles Schwab. All the investors have been reimbursed by the brokers, which have been stepping up security and identity authentication measures, SEC officials said.

Kamardin, a U.S. citizen with a liquid net worth of $15,000, according to his E-Trade account application, is believed to have fled to Russia, the SEC said. He has no attorney, authorities said.

On Aug. 21 last year, Kamardin booted up his computer in his apartment in Tampa and logged into his E-Trade account, according to the SEC complaint, which forms the basis for the following account.

At 2:10 p.m. he bought 43,000 shares of Thomas Equipment.

Between 1:29 p.m. and 3:41 p.m., an intruder -- either Kamardin or an accomplice -- hacked into two TD Ameritrade accounts, using those investors' stocks to buy 60,900 Thomas Equipment shares.

At 3:28 p.m., an intruder hit a Charles Schwab account, buying 20,000 shares.

At 3:32 p.m., an E-Trade account was hacked, boosting that investor's portfolio by 68,000 Thomas Equipment shares.

At 3:35 p.m., Kamardin began to sell the Thomas shares.

One minute later, Schwab, evidently onto the fraud, canceled an order to buy 50,000 Thomas shares in a second hacked account.

By 3:53, Kamardin had unloaded all his Thomas shares, netting $13,158.

The SEC is not saying how Kamardin's ring obtained the user names and passwords on the investors' accounts. Typically, authorities said, hackers use keystroke monitoring software placed on a public computer, or they purchase personal data, such as stolen Social Security and credit card numbers, from criminal enterprises.

The fraud affects not only the investors, but the market and companies whose stocks are pumped then dumped.

Hugo Cancio was stunned when trading on his company's stock increased from fewer than 1,000 shares a day to 1.1 million shares last Aug. 24.

"For no reason whatsoever," he said, the share price for Fuego Entertainment, a Miami-based entertainment firm targeting the burgeoning Latino media market, zoomed from 88 cents to $1.28.

"My phone rang off the hook," he said. "We couldn't figure out what was going on."

Allegedly, between 11:51 a.m. and 3:05 p.m. that day, Kamardin had bought and sold 55,000 Fuego shares, raking in $9,164.

In the interim, 10 accounts with Fuego holdings were hacked into at TD Ameritrade, Scottrade, E-Trade and Schwab.

"Wow, wow," Cancio said, upon hearing the allegations. "That's unbelievable."

The following day, Cancio said, his company's share price had plummeted to 13 cents, where it has been ever since. TD Ameritrade, the third-largest online broker by volume, has restricted online trade on the company's stock.

Cancio said that on Aug. 24 he was negotiating a deal to buy 14 television stations, and when he saw the price surge, he began to suspect the stations' owner of insider trading.

The owner denied it, but the deal soured, and with the share price down, Cancio said, the deal is on the rocks. "We were knocking on the door of a multibillion market," he said. "We haven't seen any progress. It's all due to that particular day."

On Aug. 28 and Aug. 29, Kamardin wired proceeds from his E-Trade account to a Wachovia bank account and then transferred the funds to an account owned by his Russian-born roommate. The roommate wired the money to a bank account in Riga, Latvia, the SEC alleges.

E-Trade, which regularly monitors unusual activity, at some point became concerned and alerted the SEC and the FBI of possible fraudulent activities, said sources familiar with the matter.

Kamardin is charged with securities fraud. The SEC is seeking return of the money and payment of civil penalties.

Staff researcher Richard Drezen contributed to this report.

View all comments that have been posted about this article.

© 2007 The Washington Post Company