Two suspects were arrested in connection with hacking US networks and stealing employee data

At the request of U.S. authorities, four men were arrested for hacking into US network to steal data from employees and file fraudulent US tax returns.

Four U.S. Indictments were recently unveiled and identified four suspects: Olayemi Madafin (United Kingdom), Okinola Taylor, Akinola (Nigeria), Kazeem Olanrewaju Ransewe (Nigeria).

They are charged with transnational fraud and identity theft. The men were accused of filing fraudulent tax returns to the United States Internal Revenue Service, (IRS), in order to steal tax refunds from the IRS.

Taylor and Runsewe broke into U.S. businesses’ servers and took personally identifiable information (PII), from U.S. citizens.

The Department of Justice claims that the suspects bought stolen credentials on cybercrime marketplaces such as the now-closed xDedic marketplace to gain access.

The stated that Taylor and Runsewe obtained unauthorized access computer servers from xDedic Marketplace. This website was operated for many years and sold access to compromised computers around the world and personal identifiable information to U.S residents.

xDedic, a Ukrainian cybercrime forum, and sold hackers access to computers networks that were breached through brute-forcing passwords, exploiting weaknesses, or bribing outsiders.

Between 2014 and 2019, the xDedic platform was in operation. It was eventually shut down by an international law enforcement agency. A backdoor verification system was used to verify the authenticity of access sales.

According to the DOJ, Taylor and Runsewe claimed that they used their acquired information to file fraudulent Form 1040 claims with the IRS. They did so using valid U.S. resident PII and bank accounts which were under their control to receive the funds.

Adafin, Oyebanjo, and others allegedly helped the fraudsters in money laundering, by transferring proceeds to other conspirators through complex networks of bank accounts and debit cards.

The FBI and IRS-CI Cyber Crimes Unit conducted an investigation that revealed the identities of four people. They will be extradited.

The maximum sentence for wire fraud convictions is up to 20 years imprisonment in federal prison. This does not include additional punishments for identity theft or theft of public funds.

The four men must also forfeit any assets that are connected to the proceeds from the offenses if they are found guilty.