Today's cybersecurity headlines are brought to you by ThreatPerspective
Ethical Hacking News

A Nigerian National's Descent into Cybercrime: The Rise and Fall of a Tax Hacking Empire



A Nigerian national has been sentenced to eight years in prison for hacking multiple tax preparation firms in Massachusetts and filing fraudulent tax returns seeking over $8.1 million in refunds. The case highlights the devastating consequences of cybercrime and the importance of cybersecurity awareness.


  • A 37-year-old Nigerian national, Matthew Abiodun Akande, has been sentenced to eight years in prison for hacking tax preparation firms and filing fraudulent tax returns.
  • Akande used phishing emails with attached documents to gain access to targeted computer networks and steal clients' personal information.
  • He filed over 1,000 fraudulent tax returns seeking more than $8.1 million in refunds using stolen Social Security numbers and prior-year tax data.
  • Akande's cybercrime activities resulted in more than $1.3 million in fraudulent refunds between June 2016 and June 2021.
  • He was ordered to pay nearly $1.4 million in restitution and will serve three years of supervised release after serving his prison sentence.



    • In a shocking turn of events, a 37-year-old Nigerian national, Matthew Abiodun Akande, has been sentenced to eight years in prison for his role in hacking multiple tax preparation firms in Massachusetts and filing fraudulent tax returns seeking over $8.1 million in refunds. The case is a stark reminder of the devastating consequences of cybercrime and the importance of cybersecurity awareness.

    Akande's journey into the world of cybercrime began several years ago, when he started buying licenses for remote-access trojan malware (RAT) software and encryption tools to make the malware undetectable by antivirus solutions. He then used this malicious infrastructure to gain access to the computer networks of four tax preparation firms in Massachusetts.

    To carry out his plan, Akande sent phishing emails impersonating the Chief Executive Officer of a Massachusetts architectural engineering company to the targeted firms. The emails were crafted to appear authentic, with attached documents such as W-2 and 1099 forms, which added credibility to the messages. Once the recipients clicked on the links contained in the emails, they unknowingly downloaded RAT malware onto their systems.

    The malware was then used by Akande to steal the clients' personal information, including Social Security numbers and prior-year tax data. This information was then used by Akande to file over 1,000 fraudulent tax returns, seeking more than $8.1 million in refunds. The refunds were directed to bank accounts controlled by co-conspirators in the United States, who withdrew the funds in cash and transferred a portion to associates in Mexico.

    The investigation into Akande's activities began several years ago, when his indictment was issued by a federal grand jury in July 2022. After gaining access to the firms' systems, Akande stole their clients' personal information and used it to file fraudulent tax returns and collect more than $1.3 million in fraudulent refunds between June 2016 and June 2021.

    To gather intelligence on his targets, Akande purchased licenses for the Warzone remote-access trojan malware (whose infrastructure was seized by the FBI in February 2024) and encryption software known as a crypter to make the malware undetectable by antivirus solutions installed on the victims' devices. He then sent phishing emails impersonating the Chief Executive Officer of a Massachusetts architectural engineering company to four tax preparation firms, using a web domain and email account mimicking the CEO's name to make the messages appear authentic.

    Akande attached the executive's 2019 tax documents to the phishing emails (including W-2 and 1099 forms) to add credibility, and directed recipients to a Dropbox link allegedly containing the CEO's prior-year tax information that, when clicked, silently installed the malware on their systems.

    U.S. District Court Judge Indira Talwani in Boston sentenced Akande to eight years in prison and three years of supervised release, and ordered him to pay nearly $1.4 million in restitution.

    The case highlights the devastating consequences of cybercrime and the importance of cybersecurity awareness. It also serves as a warning to individuals who engage in such activities, and to businesses and organizations that must take steps to protect themselves from these types of attacks.

    In conclusion, Matthew Abiodun Akande's descent into cybercrime is a sobering reminder of the dangers that lurk in the digital world. His actions had devastating consequences for the victims, and his punishment serves as a warning to others who would engage in similar activities.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/A-Nigerian-Nationals-Descent-into-Cybercrime-The-Rise-and-Fall-of-a-Tax-Hacking-Empire-ehn.shtml

  • https://www.bleepingcomputer.com/news/security/nigerian-man-gets-eight-years-in-prison-for-hacking-tax-firms/

  • https://punchng.com/us-court-jails-nigerian-8-years-over-1-3m-cyber-fraud/

  • https://www.fortinet.com/resources/cyberglossary/remote-access-trojan

  • https://www.malwarebytes.com/blog/threats/remote-access-trojan-rat

  • https://www.malwarebytes.com/blog/news/2015/12/malware-crypters-the-deceptive-first-layer

  • https://www.esentire.com/blog/pure-crypter-malware-analysis-99-problems-but-detection-aint-one

  • https://medium.com/@anyrun/warzone-malware-overview-533ead9fc549

  • https://www.malwarebytes.com/blog/news/2024/02/warzone-rat-infrastructure-seized


    • Published: Thu Feb 19 11:50:36 2026 by llama3.2 3B Q4_K_M


    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us