Nigerian hacker arrested for stealing $7.5M from charities

A Nigerian national was arrested in Ghana and is facing charges related to business email compromise attacks that caused a charitable organization in the United States to lose more than $7.5 million.
Olusegun Samson Adejorin was arrested on December 29 for defrauding two charitable organizations in Maryland and New York, according to an eight-count federal grand jury indictment in the U.S. Specifically, Adejorin faces charges for wire fraud, aggravated identity theft, and unauthorized access to a protected computer linked to attacks aimed at two Maryland-based charitable organizations, culminating in the embezzlement of $7.5 million.
In an annoucement this week, the U.S. Department of Justice says that Adejorin's fraud scheme occurred between June and August 2020 and involved unauthorized access to email accounts as well as impersonating employees.
Posing as an employee of one charity, Adejorin requested large withdrawals of funds from the other charity, which provided investment services to Victim 2.
To successfully process withdrawals over $10,000, Adejorin used stolen credentials to send emails from accounts of employees that needed to approve the transactions.
Following these actions, Adejorin successfully tricked Victim 1 into transferring $7.5 million to bank accounts the attacker controlled, while the organization believed they were depositing the amounts into legitimate Victim 2 bank accounts.
Adejorin faces a maximum penalty of 20 years for wire fraud, five years for unauthorized access to a protected computer, and a mandatory sentence of two years for aggravated identity theft.
The U.S. DoJ announcement also notes that the sentence may be extended by seven years for malicious registration and use of a domain name.
BEC attacks, also known as CEO fraud, can result in significant financial damage.
Last summer, a report from the FBI noted that business email compromise had caused billions of U.S. Dollars in losses.
Some reasonable defense measures to consider include implementing multi-factor authentication to reduce the likelihood of unauthorized account access, using email filtering to detect and block phishing attempts, and establishing a verification procedure that underpins wire transfer requests and involves using a secondary communication channel.
When met with suspicious requests such as changing bank account details, simply calling the partner on a pre-determined number to confirm the action can help save millions.
Microsoft: OAuth apps used to automate BEC and cryptomining attacks.
UK and allies expose Russian FSB hacking group, sanction members.
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 03 Jan 2024 19:35:25 +0000


Cyber News related to Nigerian hacker arrested for stealing $7.5M from charities

Nigerian gets 10 years for laundering millions stolen from elderly - Nigerian man Olugbenga Lawal was sentenced on Monday to 10 years and one month in prison for conspiring to launder millions stolen from elderly victims in internet fraud schemes. Elder fraud encompasses scenarios where their financial assets, ...
11 months ago Bleepingcomputer.com
Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities - A Nigerian national was arrested in Ghana and faces charges in the US for his role in a business email compromise scheme involving two charitable organizations. According to the indictment, between June and August 2020, the man, Olusegun Samson ...
11 months ago Securityweek.com
Nigerian Faces $7.5m BEC Charges After Charities Are Swindled - A Nigerian national is facing an eight-count indictment related to business email compromise charges involving two US charities, after being arrested in Ghana. Olusegun Samson Adejorin has been charged with wire fraud, aggravated identity theft and ...
11 months ago Infosecurity-magazine.com
Facebook, Instagram mine web links for targeted ad dollars The Register - Infosec in brief We gather everyone's still easing themselves into the New Year. While you're recovering from the Christmas break, Meta has been busy introducing fresh ways to monetize your web surfing habits while dressing it up as a user experience ...
11 months ago Go.theregister.com
Facebook, Instagram mine web links for targeted ad dollars The Register - Infosec in brief We gather everyone's still easing themselves into the New Year. While you're recovering from the Christmas break, Meta has been busy introducing fresh ways to monetize your web surfing habits while dressing it up as a user experience ...
11 months ago Packetstormsecurity.com
Nigerian hacker arrested for stealing $7.5M from charities - A Nigerian national was arrested in Ghana and is facing charges related to business email compromise attacks that caused a charitable organization in the United States to lose more than $7.5 million. Olusegun Samson Adejorin was arrested on December ...
11 months ago Bleepingcomputer.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
5 months ago Securityweek.com
Hacker 'ShinyHunters' Pleads Not Guilty in Cybercrime Case - A hacker known as 'ShinyHunters' has pleaded not guilty in a case of cybercrime. The hacker is accused of taking part in illegal activities to steal data from victims, including passwords, credit card information, and other personal details. The ...
1 year ago Blog.cloudflare.com
Hacking Protected Java-Based Programs - This article provides examples of hacking techniques that can help Java developers avoid vulnerabilities in their programs. It is not intended to train hackers but rather for naive developers who think that standard obfuscators will save them from ...
11 months ago Feeds.dzone.com
Hangzhou's Cybersecurity Breakthrough: How ChatGPT Elevated Ransomware Resolution - The Chinese media reported on Thursday that local police have arrested a criminal gang from Hangzhou who are using ChatGPT for program optimization to carry out ransomware attacks for the purpose of extortion. An organization in the Shangcheng ...
11 months ago Cysecurity.news
Nigerian Police dismantle cybercrime recruitment, mentoring hub - The Nigerian Police Form has arrested six suspects and dismantled a mentoring hub linked to cybercrime activities, including business email compromise, romance, and investment scams. After receiving intelligence and investigating a group of ...
1 year ago Bleepingcomputer.com
Ransomware hackers 'wreaking havoc' arrested in Ukraine - European cyber police have arrested a 32-year-old suspected of being the ringleader of a ransomware gang operating in Ukraine. In raids across the country authorities seized laptops and arrested four other alleged hackers. The gang are accused of ...
1 year ago Bbc.com
Nigerian Gets 10 Years For Laundering Scam Funds - A Nigerian national has been jailed for 10 years and one month and ordered to pay almost $1.5m in restitution after being convicted of serious money laundering offenses. Olugbenga Lawal, 33, of Indianapolis, Indiana, was convicted in August last year ...
11 months ago Infosecurity-magazine.com
CyberCrime & Doing Time: Classic Baggie: A Delaware BEC Case calls him the leader of an International Criminal Organization - The U.S. Attorney's office in Delaware charged Olugbenga Lawal with being a major money launderer for a Nigerian-based international criminal organization that specialized in Business Email Compromise and Romance Scam. The Defendant's importance in ...
11 months ago Garwarner.blogspot.com
Hacker Conversations: Stephanie 'Snow' Carruthers, Chief People Hacker at IBM X-Force Red - Social engineering is effectively hacking human thought processes. Social engineering is a major factor in the overall process but is not directly part of repurposing electronic systems. A social engineer is usually classified as a hacker, and is ...
9 months ago Securityweek.com
Hacker spins up 1 million virtual servers to illegally mine crypto - A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. As announced today by Europol, the suspect is believed to be the mastermind behind a ...
11 months ago Bleepingcomputer.com
361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
5 months ago Bleepingcomputer.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
7 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
7 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
7 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
7 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
7 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
7 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
7 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)