Four men suspected of hacking into US networks to steal employee data for identity theft and the filing of fraudulent US tax returns have been arrested in London, UK, and Malmo, Sweden, at the request of the U.S. law enforcement authorities.
The suspects identified in four recently unsealed U.S. indictments are Akinola Taylor (Nigeria), Olayemi Adafin (United Kingdom), Olakunle Oyebanjo (Nigeria), and Kazeem Olanrewaju Runsewe (Nigeria).
The four men are accused of transnational wire fraud and identity theft for filing false tax claims with the United States Internal Revenue Service (IRS) to steal money from the agency through tax refunds.
To do this, Taylor and Runsewe breached the servers of U.S. companies and stole personally identifiable information (PII) of U.S. residents.
To gain access to these servers, the Department of Justice says the suspects purchased stolen credentials from cybercrime marketplaces, such as the now-shut-down xDedic marketplace.
“One of the places that Taylor and Runsewe had obtained unauthorized access to computer servers was the xDedic Marketplace, a website that operated for years and was used to sell access to compromised computers worldwide and personally identifiable information of U.S. residents,” read the DoJ announcement.
xDedic was a Ukrainian-language cybercrime forum and Remote Desktop Protocol (RDP) marketplace, selling hackers access to computer networks breached by brute-forcing user passwords, exploiting vulnerabilities, or bribing insiders.
The xDedic marketplace operated between 2014 and 2019 when an International law enforcement operation eventually took it down. The platform had a backdoor verification mechanism that guaranteed the validity of the access sales.
The DOJ claims Taylor and Runsewe used the acquired information to fill out fraudulent Form 1040 claims to the IRS, using valid U.S. resident PII but including bank accounts under their control for receiving the funds.
Adafin and Oyebanjo allegedly assisted the scammers in the money laundering stage, transferring the proceeds to other conspirators and through a complex network of debit cards and bank accounts, hoping to obscure the trace.
An investigation led by the IRS-CI Cyber Crimes Unit and the FBI uncovered the real identities of the four individuals, who will now face extradition proceedings.
If convicted of wire fraud, the four individuals face a maximum sentence of up to twenty years in federal prison, not considering additional penalties for identity theft and theft of public money.
Also, if found guilty, the four men will have to forfeit all assets linked to the proceeds of the identified offenses.