Company changes name after SEC charges 18 over pump-and-dump hacking scheme
Lotus Bio-Technology Development Corp. announced on Tuesday that it is initiating a name change, following revelations that its stock was manipulated as part of a pump-and-dump scheme that involved the hack of more than 30 brokerage accounts.
The U.S. Securities and Exchange Commission, which regulates publicly-traded companies and oversees the government’s efforts to prevent market manipulation, said on Monday that it charged 18 individuals and entities involved in the scheme, including the founder of Lotus.
Two overlapping groups of Canadian, U.S., and British citizens were able to generate more than $1 million in illicit proceeds in 2017 and 2018 as part of the operation, the SEC said. According to court documents filed with the U.S. District Court for the Northern District of Georgia, the scheme started when the individuals collectively acquired “substantial shares” of two publicly-traded firms: Lotus and Good Gaming Inc. One of the defendants — Rahim Mohamed of Alberta — allegedly coordinated account takeover attacks on dozens of brokerage accounts belonging to innocent investors.
The hacked brokerage accounts were then used to purchase large amounts of Lotus and Good Gaming stocks, driving the price of the shares up.
“The defendants then sold the shares they had acquired at the inflated prices, generating approximately $1.3 million in proceeds and creating substantial profits for the defendants,” according to the court documents.
Lotus “has claimed to be a start-up in several lines of business, including low-budget films and Chinese organic products,” according to court documents, and the company has said it has not generated any revenues. Good Gaming was incorporated in Pennsylvania in 2008 as an online gaming business, and in 2016 was largely acquired by CMG Holdings, which made about $1 million in revenue in 2022.
On Tuesday, Lotus announced that board member Zoltan Nagy had resigned his position earlier this month and surrendered 150 million common shares back to the company.
In a separate announcement, the company said it was planning to change its name to Boomerang Corporation, which chief executive Hoyt Christopher said “more closely reflects the approachable, personalized nature of our current and future business model.”
Neither statement mentioned the SEC charges, and an email sent to a representative listed on the announcements was returned to the sender as undeliverable.
According to court documents, Nagy, a 55-year old who resides near Vancouver, founded Lotus in 2011 and has been its controlling shareholder for many years. He is also the sole officer and director of the publicly-traded Black Rock Petroleum Company, which is a spinoff of Lotus, according to the documents. An email sent to a contact address listed on Black Rock’s website was also returned as undeliverable.
Glenn Laken, the president and chairman of CMG Holdings Group, which was the controlling shareholder of Good Gaming in at least May 2017, according to court documents, was also charged by the SEC on Monday. CMG did not mention the charges or pump-and-dump scheme in its quarterly filing with the SEC on Monday, in which it announced a 234% jump in revenue. According to court documents, “Laken was convicted of securities fraud in connection with a stock promotion scheme in the early 2000s and, as a result, he served a 63-month federal prison sentence.”
Neither CMG Holdings or Lotus Bio-Technology responded to requests for comment.
SEC officials said the case highlights the importance of cybersecurity and the commission’s efforts to combat cyber fraud.
“Our complaint details a brazen and sophisticated scheme, with hackers using international accounts and dummy account holders to hide their tracks,” said Nekia Hackworth Jones, Director of the SEC’s Atlanta Regional Office. “As this case demonstrates, the Division can uncover misconduct even when it crosses borders and is concealed behind multiple layers of obfuscation.”
Adam Janofsky is the founding editor-in-chief of The Record by Recorded Future. He previously was the cybersecurity and privacy reporter for Protocol, and prior to that covered cybersecurity, AI, and other emerging technology for The Wall Street Journal.