Four men have been arrested on wire fraud and identity theft charges, and now face extradition to the US for their alleged roles in a conspiracy that involved breaking into US companies’ servers, stealing personally identifiable information (PII), using that info to file fraudulent tax returns and then collecting tax refunds.
In newly unsealed indictments, the Feds also ordered the four to forfeit property and other assets that can be traced to their ill-gotten gains. Nigerian citizens Akinola Taylor and Kazeem Olanrewaju Runsewe, along with UK citizen Olayemi Adafin were all arrested on November 30 in London (Taylor and Adafin) and Sweden (Runswewe). Another Nigerian, Olakunle Oyebanjo, was arrested a day later in London.
Foreign authorities also conducted searches of Taylor’s and Runsewe’s residences.
If convicted, each of the men faces a maximum penalty of 20 years in federal prison for wire fraud, plus additional penalties for filing false claims with the US Internal Revenue Service (IRS), theft of public money or property, and aggravated identity theft.
The conspiracy dates back to early 2017, according to court documents. Around this time, Taylor [PDF] and Runsewe [PDF] gained unauthorized access to US accounting firms and other businesses’ servers.
One of the places that Taylor and Runsewe shopped for compromised Remote Desktop Protocol (RDP) servers that gave them this illicit access was the xDedic Marketplace, a website that for years sold credentials to compromised computers worldwide and PII belonging to US residents. At its height, xDedic touted logins for 85,000 systems at