The Federal Bureau of Investigation in the United States of America has arrested Nigerian national, Charles Onus for cybercrime, hacking over 5,500 company user accounts and diverting payroll of about $800,000 into prepaid debit cards.
The 34-year-old suspect was arrested and detained on April 14, this year in San Francisco, and was presented before the Manhattan federal court on Wednesday.
According to Manhattan U.S. Attorney Audrey Strauss, “Charles Onus allegedly participated in a scheme that stole nearly $1 million by hacking into a payroll processing company’s system to access user accounts and divert payroll to prepaid debit cards he controlled.”
Strauss added, “As alleged, Onus did this as effectively as someone who commits bank burglary, but with no need for a blowtorch or bolt-cutters. Thanks to the FBI and IRS-CI, Onus is in custody and facing serious federal charges.”
In their announcements, FBI and the Internal Revenue Service, Criminal Investigation, said the user accounts compromised were maintained by a company providing human resources and payroll services to employers across the country, the U.S. Department of Justice said in a statement.
Onu was said to have participated in the scheme between July 2017 through about 2018, obtaining over 5,500 company user accounts through a cyber intrusion technique referred to as “credential stuffing.”
“After Onus successfully gained unauthorised access to a Company user account, he changed the bank account information designated by the user of the account so that Onus would receive the user’s payroll to a prepaid debit card that was under Onus’ control.
“From at least in or about July 2017 through at least in or about 2018, at least approximately 5,500 company user accounts were compromised and more than approximately $800,000 in payroll funds were fraudulently diverted to prepaid debit cards, including those under the control of Onus,” the statement said.