You don’t have to sell stolen personal data on the Dark Web, hold files for ransom or perform DDoS attacks for money in order to make serious cash from hacking. That’s what three Chinese hackers have proven by making about $4 million from US law firms they hacked.
The three men: Iat Hong, Bo Zheng and Chin Hung have been charged with computer intrusion, conspiracy, insider trading and wire fraud. Hong was arrested on Sunday and awaits extradition. The other two are still at large. Attorneys for the accused have made no comment yet.
And just what did these enterprising hackers do to make so much money? Posing as tech analysts, the three were able to hack into seven New York law firms and capture emails from law partners. The trio of hackers then used the information they acquired to find out about upcoming company mergers and bought shares of stock of those companies. The insider trading goes back to at least 2015.
If law firms didn’t have to worry enough about employees dealing in insider trading, they now have one more cause to make sure their cybersecurity is up to date.