[mc4wp_form id=”2320″]
U.K. hacker charged in $3.75 million insider trading scheme using hacked executive emails. The U.S. Department of Justice (DoJ) has charged Robert Westbrook, a 39-year-old national from the U.K., in connection with a hack-to-trade fraud scheme that allegedly generated nearly $3.75 million in illegal profits. Westbrook was arrested last week and is expected to be extradited to the United States to face serious charges, including securities fraud, wire fraud, and five counts of computer fraud.
According to court documents, Westbrook executed a fraudulent scheme between January 2019 and May 2020. He allegedly gained unauthorized access to Microsoft 365 accounts belonging to corporate executives at various U.S.-based companies, allowing him to profit from non-public information.
“On at least five occasions, Westbrook accessed Office 365 email accounts belonging to corporate executives to obtain confidential information, including details about upcoming earnings announcements,” the DoJ stated.
Westbrook reportedly used the sensitive information he acquired to purchase securities, profiting by selling them shortly after the announcements were made public. Notably, he implemented auto-forwarding rules to automatically send content from the compromised email accounts to his own controlled email addresses.
The Securities and Exchange Commission (SEC) revealed that Westbrook reset the passwords of executives’ accounts to gain access to sensitive information from five public companies ahead of at least 14 earnings announcements. Despite his attempts to conceal his identity—using anonymous email accounts, VPN services, and Bitcoin—investigators were able to trace his actions.
“Even though Westbrook took multiple steps to hide his identity, the Commission’s advanced data analytics and technology can uncover fraud, even in cases involving sophisticated international hacking,” said Jorge G. Tenreiro, acting chief of the SEC’s Crypto Assets and Cyber Unit.
If convicted, Westbrook faces severe penalties. The securities fraud charge carries a maximum sentence of up to 20 years in prison and a fine of $5 million. The wire fraud charges could add another 20 years, along with a fine of either $250,000 or twice the gain or loss from the offense. Each count of computer fraud also carries a potential penalty of five years in prison and a maximum fine of $250,000 or twice the gain or loss.
Found this article interesting? Follow us on Twitter and Facebook to read more exclusive content we post.