A Nigerian nationwide was sentenced to eight years in jail for hacking a number of tax preparation companies in Massachusetts and submitting fraudulent tax returns looking for over $8.1 million in refunds.
37-year-old Matthew Abiodun Akande was arrested in October 2024 at London’s Heathrow Airport and extradited to the USA in March 2025. He was indicted by a federal grand jury in July 2022 earlier than his arrest, whereas he was nonetheless residing in Mexico.
In keeping with courtroom paperwork, after having access to the businesses’ methods, Akande stole their shoppers’ private data and used it to file over 1,000 fraudulent tax returns and accumulate greater than $1.3 million in fraudulent refunds between June 2016 and June 2021.
To achieve entry to the focused companies’ laptop networks, Akande purchased licenses for the Warzone remote-access trojan malware (whose infrastructure was seized by the FBI in February 2024) and encryption software program often called a crypter to make the malware undetectable by antivirus options put in on the victims’ units.
He then despatched phishing emails impersonating the Chief Govt Officer of a Massachusetts architectural engineering firm to 4 tax preparation companies, utilizing an internet area and e mail account mimicking the CEO’s identify to make the messages seem genuine.
Akande connected the manager’s 2019 tax paperwork to the phishing emails (together with W-2 and 1099 varieties) so as to add credibility, and directed recipients to a Dropbox hyperlink allegedly containing the CEO’s prior-year tax data that, when clicked, silently put in the malware on their methods.
“In actuality, the Dropbox account contained a disguised executable file that, when downloaded and executed, would trigger the Sufferer CPA Companies to unknowingly obtain RAT malware onto their laptop networks,” the indictment reveals. “The homeowners of every of Sufferer CPA Companies [..] accessed the hyperlink and, as AKANDE supposed, unknowingly downloaded RAT malware, which was used to gather every agency’s consumer PIl and prior years’ tax data.”
As soon as contained in the companies’ networks, Akande used the Warzone RAT malware to steal their shoppers’ Social Safety numbers and prior-year tax knowledge, then used the harvested data to file fraudulent returns looking for over $8.1 million in refunds.
The refunds had been directed to financial institution accounts managed by co-conspirators in the USA, who withdrew the funds in money and transferred a portion to associates in Mexico, as instructed by Akande.
U.S. District Courtroom Choose Indira Talwani in Boston sentenced Akande to eight years in jail and three years of supervised launch, and ordered him to pay almost $1.4 million in restitution.
Fashionable IT infrastructure strikes quicker than guide workflows can deal with.
On this new Tines information, learn the way your group can scale back hidden guide delays, enhance reliability via automated response, and construct and scale clever workflows on high of instruments you already use.
