Former Teen Stock Swindler Sentenced to Three Years on New Hack | Threat Level | Wired.com

Former Teen Stock Swindler Sentenced to Three Years on New Hack

• By Kevin Poulsen
• March 31, 2011  | 
• 3:19 pm  | 
• Categories: Crime, Hacks and Cracks

A former teenage hacker who once served time for an online stock-trading scheme was sentenced in New York this week to three years in prison on new charges of cracking a New York-based currency exchange service and gifting himself more than $100,000.

Van T. Dinh leaves a federal courthouse in Philadelphia in 2003, when, as a 19-year-old Drexel University student, he was charged with a hacking scheme the SEC called unusually complex. Photo: Mark Stehle/AP

Van T. Dinh, now 27, was also ordered to pay $125,000 in restitution for the scam, and to serve three years of federal supervised release.

Dinh, who lives in Pennsylvania, gained notoriety in 2003, when, as a 19-year-old stock trader, he found a novel way to unload a bad investment in thousands of worthless stock derivatives: He hacked into another trader’s account, and bought the options from his own account.

The gambit made Dinh the first person charged by the Securities and Exchange Commission with a fraud involving both computer hacking and identity theft. in 2004 he was sentenced to 13 months in prison.

After his release, his probation officer concluded that Dinh “was not seriously applying himself” to secure employment. Then, in December 2008, according to an FBI affidavit (.pdf), Dinh set up a legitimate account with an online currency exchange service based in New York. Two weeks later, he logged in using an administrative password and added $55,000 to his account. The bureau says he added another $55,000 two days after that.

At the same time, Dinh used his access to make currency trades on two other customer accounts, and then gave one of them $140,326.75, according to an affidavit by FBI agent Frank Manzi.

The FBI traced the hacking to an IP address assigned to the home Dinh shares with his mother in Phoenixville, Pennsylvania, near Philadelphia. Dinh was arrested and held without bail at the Metropolitan Correctional Center in New York as a “danger to the community by hacking activities,” among other reasons. He later pleaded guilty to computer fraud and identity theft.

The hacker’s early legal trouble also involved online trading accounts.

In 2003, Dinh found himself the unhappy owner of $90,000 of Cisco ”put” options that were on the verge of expiring without a payoff. Instead of absorbing the losses, the young trader used a Trojan horse program disguised as a stock charting tool to take control of an innocent victim’s online stock account. He then had the victim’s account purchase $37,000 worth of his options, shaving his losses.

At his sentencing hearing on that earlier case, prosecutors read from an electronic diary found on Dinh’s computer.

“I am so proud of myself for my ‘hacking business’ — I will never regret what I did,” Dinh wrote. “I am the best of the best trickster. I laugh often when Mom says she worries … Even if I go to jail, big deal: I will learn something there. Hahaha.”

Kevin Poulsen is a senior editor at Wired.com and editor of the award-winning Threat Level blog. His new book on cybercrime, KINGPIN, comes out February 22, 2011 from Crown.
Follow @kpoulsen on Twitter.

• Post Comment  | 
• Permalink

Also on Wired.com

• The Last Resting Place of Decuriasuchus

• Sun Video Shows New Solar Cycle Is Far More Active

• Survey: Verizon's iPhone Gets Better Grades Than AT&T

• Amateur Astrophotographers Unwittingly Help Scientists Track Comet

• Hands-On With the GoPro 3-D Sports Camera Kit

• HTC Thunderbolt May Have Camcorder Audio Problems

Related Topics:

• Crime and Law, 
• Criminal Sentencing and Punishment, 
• Philadelphia, 
• U.S. Securities and Exchange Commission, 
• Crime, 
• Identity Theft

via wired.com