Wall Street IT Engineer Hacks Employer to See If He Will Be Let Go
Updated: Oct 10, 2018
On Friday, April 7, the FBI arrested Zhengquan Zhang, a 31-year-old IT engineer, who now stands accused of installing malware on his employer's servers to steal proprietary source code.
Zhang started working for his former employer, KCG Holdings, Inc., in March 2010, first in its New York branch, and then its San Francisco offices. During his stint with the company, a Wall Street securities firm, Zhang worked as a DevOps engineer and was later promoted to a supervisor role, in charge of several other engineers.
According to his LinkedIn page and an FBI affidavit, Zhang's duties included managing the source code of KCG's trading platform and the trading algorithms the company used to automate some of its financial transactions.
Access to this repository was granted only to approved employees and was controlled by encryption keys that decrypted the source code according to each employee's access level.
Zhang's hacking uncovered last month
On Saturday, March 25, a quantitative analyst working for KCG from home logged in remotely to his work computer.
Shortly after, the analyst was disconnected from his session, and on re-opening the connection, the analyst says he discovered that someone had accessed his computer and opened a folder that held his archived email messages.
During the following hours, while trying to work, the same analyst was disconnected several times from his account.
Understanding that something was wrong, the analyst logged the unique identifier the attacker used to connect to his work computer.
The next day, the analyst provided this identifier to the company's security team, who quickly tied it to Zhang's computer. KCG admins revoked Zhang's access, called in authorities, and started an official investigation.
Continue Reading this article on Bleeping Computer