Briton accused of hacking into US bank computers and stealing millions
A Briton has been charged in New York with unauthorized computer intrusion, securities fraud, wire fraud and other crimes, causing more than $5 million in losses.
According to a complaint in 10 points released yesterday, Idris Dayo Mustapha, 32, UK citizen, and others used phishing and other means to obtain user credentials from January 2011 to March 2018.
The complaint revealed that Mustapha had gained access to computers based in the United States, including mail servers and computers belonging to American financial institutions, to steal money from online banking accounts and accounts. securities brokerage.
Mustapha was arrested in the UK in August 2021 and the US is seeking his extradition to the Eastern District of New York.
Breon Peace, United States Attorney for the Eastern District of New York, and Michael J. Driscoll, Deputy Director in Charge of the FBI Field Office in New York, announced the charges:
“As alleged in the Complaint, the Defendant was part of a nefarious group that caused victims millions of dollars in losses by engaging in a litany of cybercrimes, including widespread hacking, fraud, takeover securities brokerage accounts of victims and trading in the name of victims,” the U.S. Peace Attorney said. “Protecting Eastern District residents and financial institutions from cybercriminals is a priority of this office,” he added.
The complaint stated that once financial institutions began blocking these unauthorized transfers, Mustapha and his co-conspirators accessed other victims’ brokerage accounts and placed unauthorized stock trades on those accounts while simultaneously profitably trading the same stocks from accounts they controlled.
If convicted, Mustapha faces up to 20 years in prison for each of various charges of wire fraud, securities fraud and money laundering, as well as a mandatory two-year sentence for theft. aggravated identity.
Commenting on the story, Jake Moore, Global Cybersecurity Advisor at ESET, said: “Digital bank robberies are extremely rare but incredibly lucrative if successful. When banks are targeted, it is often assumed that they will not succeed, but this highlights the persistence of cybercriminals and how far they will go to exploit any opportunity. Phishing remains the main attack vector and remains vulnerable on several levels. The human element in handling e-mail makes it clear that we are still in an era where all staff must be extremely alert and careful with every e-mail. »