Federal Bureau of Investigation (FBI) has arrested Charles Onus for allegedly diverting $800,000 payroll funds to the prepaid debit cards he controls.
Gatekeepers News reports that Charles Onus, a Nigerian, who was on April 14, arrested and detained in San Francisco, was made to appear before a Manhattan federal high court on Wednesday.
The indictment filed in the Manhattan court alleged that Onus played a role in a scheme that stole close to $1 million after hacking into a payroll processing company’s system to access user accounts and divert payroll to prepaid debit cards he controlled.
Gatekeepers News gathered that the 34-year-old was accused of hacking over 5,500 company user accounts between July 2017 and 2018 through a cyber-intrusion technique referred to as “credential stuffing”.
The statement by the justice department said: “As alleged, Onus did this as effectively as someone who commits bank burglary, but with no need for a blowtorch or bolt-cutters. Thanks to the FBI and IRS-CI, Onus is in custody and facing serious federal charges.
“From at least in or about July 2017 through at least in or about 2018, ONUS participated in a scheme to conduct cyber intrusions of multiple user accounts maintained by a company that provides human resources and payroll services to employers across the United States (the “Company”), in order to steal payroll deposits processed by the Company.
“During the course of the scheme, unauthorized access was obtained to over 5,500 Company user accounts through a cyber intrusion technique referred to as ‘credential stuffing’.
“After ONUS successfully gained unauthorized access to a Company user account, he changed the bank account information designated by the user of the account so that ONUS would receive the user’s payroll to a prepaid debit card that was under ONUS’s control.
“Also, 5,500 Company user accounts were compromised and more than approximately $800,000 in payroll funds were fraudulently diverted to prepaid debit cards, including those under the control of ONUS. The compromised Company user accounts were associated with employers whose payroll was processed by the Company, including employers located in the Southern District of New York.”
Charles Onus is facing: a one-count charge of computer fraud for causing damage to a protected computer; one count of computer fraud for unauthorised access to a protected computer to further intended fraud; one count of wire fraud, and one count of receipt of stolen money; and one count of aggravated identity theft.