A Nigerian citizen, Farouk Adekunle Adepoju, has been detained in the United Kingdom following a request by the United States to extradite him over allegations of wire fraud and computer fraud involving more than $235,000. According to the U.S. Department of Justice (DOJ), Adepoju was arrested by UK officials on September 15, 2025, and is awaiting extradition to face a seven-count indictment in Pennsylvania’s Western District. Court documents allege that Adepoju employed sophisticated cyber methods to defraud a Pennsylvania university out of $235,266.80 between March and April 2023. He reportedly gained unauthorized access to the email system of a construction company involved in campus work, manipulated the email account settings, set up a fake domain, and impersonated a company employee to deceive university staff into redirecting payments to his fraudulent bank account. These illicit transfers have not yet been recovered. Acting U.S. Attorney Troy Rivetti indicated that Adepoju exploited advanced digital tools to illegally access business accounts, thereby targeting a regional university. The Pittsburgh FBI Field Office, leading the investigation, stated that business email compromise schemes remain among the costliest threats facing organizations. Adepoju faces six counts of wire fraud, each carrying up to 20 years in prison, plus one count of computer fraud, punishable by up to five years. The final sentencing will depend on federal guidelines and the defendant’s history. The prosecution is handled by Assistant U.S. Attorney Mark V. Gurzo with assistance from the DOJ’s Office of International Affairs.
Binance founder unmasks North Korean tactics in crypto exchange thefts
Changpeng Zhao, CEO of Binance, has warned of the strategies used by North Korean hackers to compromise cryptocurrency platforms. These cybercriminals employ cunning social engineering and technical methods to steal millions. The Binance chief described these cyber attackers as highly skilled, patient, and inventive. Rather than relying solely on software vulnerabilities, they exploit human factors. For example, they frequently impersonate prospective employees by submitting applications for IT, security, and finance positions to gain unauthorized insider access. In some cases, they act as recruiters conducting fake interviews, using technical glitches during video calls as a pretext to send malware disguised as software updates or sample code. Additionally, these operators sometimes appear as customers, using infected links in support requests to breach systems. Zhao revealed that bribery also plays a role, with some hackers offering payments to employees or contractors to facilitate access. He cited a recent incident in which an Indian outsourcing company was compromised, enabling hackers to steal over $400 million from a U.S.-based exchange. Amid growing regulatory pressures and investor concerns, Zhao urged crypto firms to implement rigorous hiring screenings and caution employees against downloading files from untrusted sources.
Google Play Apps with 38 million downloads tied to major mobile Ad fraud scheme
Security experts have uncovered one of the largest mobile advertising scams in recent memory, involving 224 apps on the Google Play Store that have been downloaded over 38 million times worldwide. Known as SlopAds, this deceptive operation covertly generated fake ad impressions and clicks behind the scenes, diverting advertising funds without delivering actual engagement to brands. The fraud was detected by HUMAN’s Satori Threat Intelligence team, who promptly alerted Google. Using sophisticated techniques such as steganography and hidden web browsers embedded within the apps, the scheme opened unseen windows that accessed cashout sites controlled by the fraudsters, accumulating a staggering 2.3 billion bid requests daily. The scam was engineered to remain under the radar by only activating on devices that installed an app after clicking on a SlopAds-linked advertisement, while other installations stayed inactive. Researchers described this as an advanced exploitation of marketing attribution technology. All users with these apps installed will receive warnings through Play Protect, which is automatically enabled on Android devices with Google Play Services – the report stated The illicit traffic generated by SlopAds spanned 228 countries, with the bulk of the activity coming from the United States (31%), followed by India (11%) and Brazil (7%). Many of the involved apps, along with related servers and domains, carried an AI motif, inspiring the campaign’s name. In addition to generating bogus ad views, the apps collected extensive device and browser data, enabling the perpetrators to fine-tune their operations. Encrypted commands, delivered through Google’s Firebase platform, instructed the apps to load fraud modules, access cashout sites, and execute scripts critical to revenue generation. In some cases, even the fraud management components were concealed within PNG image files, later reconstructed on users’ devices to form executable code. One notable cashout technique involved HTML5 games and news websites controlled by the scammers, which displayed ads at high frequency in hidden browser windows, unseen by users. Advertisers, however, paid for impressions and clicks that never reached actual audiences. To users, these applications seemed harmless but quietly consumed device resources in the background. For advertisers, the consequences translated into millions of dollars lost to phantom ad engagements. Unfortunately, this is not the first instance of malicious apps exploiting the Google Play Store to deceive users and advertisers. Last October, researchers from the Zscaler ThreatLabz team uncovered more than 200 harmful apps downloaded nearly eight million times. The report also stated that Nigeria ranks among the top ten countries targeted by mobile malware attacks, alongside India, the US, Canada, South Africa, the Netherlands, Mexico, Brazil, Singapore, and the Philippines. Experts urge continued vigilance and enhanced security measures to protect both consumers and brands from increasingly sophisticated digital threats.
Microsoft disrupts Nigerian-led RaccoonO365 phishing network, seizes 338 domains
Microsoft’s Digital Crimes Unit (DCU) has successfully dismantled RaccoonO365, a Nigeria-based phishing operation, by seizing 338 websites used to steal thousands of Microsoft 365 credentials worldwide. The crackdown focused on a prolific cybercriminal platform known for selling phishing toolkits designed to mimic official Microsoft communications, including emails and login pages. Marketed on Telegram to over 850 users, this subscription-based service allowed criminals with minimal technical skills to launch credential-harvesting campaigns at an alarming scale. Since July 2024, the kits have facilitated the theft of more than 5,000 Microsoft user credentials. At the center of this operation is Joshua Ogundipe, a Nigerian programmer identified by Microsoft as the mastermind behind RaccoonO365’s technical framework and business model. Microsoft revealed that he and associates took specialized roles in code development, subscription sales, and support services for the criminal clientele, generating at least $100,000 in cryptocurrency payments. They employed deceptive tactics like registering internet domains with fake identities and addresses spanning multiple countries to evade detection. The compromised kits have been linked to damaging campaigns targeting critical sectors, including a tax-themed offensive against over 2,300 U.S. organizations and at least 20 American healthcare institutions. Experts warn these phishing operations pave the way for severe disruptions such as ransomware attacks, exposing sensitive patient data and compromising public safety. Microsoft’s collaboration with Cloudflare and Chainalysis facilitated the takedown, suspending malicious domains, disabling scripts, and revealing key cryptocurrency wallets aiding attribution. The swift legal and technical intervention against RaccoonO365 shows the importance of joint international cooperation to curtail cybercrime.
Rising cybercrime tightens visa rules for Nigerians abroad, EFCC warns
The Economic and Financial Crimes Commission (EFCC) has cautioned that Nigeria’s escalating internet fraud cases are leading to tougher visa restrictions for innocent citizens traveling abroad. The warning came during a recent event in Port Harcourt aimed at addressing security challenges faced by the youth. At a gathering organized by the Coalition of Nigerian Youth on Security and Safety Affairs in Rivers State, EFCC Chairman Ola Olukoyede, speaking through Chief Superintendent Coker Oyegunle, stressed that deceitful acts online severely damage Nigeria’s reputation internationally. This damage prompts foreign governments to impose stricter travel requirements on law-abiding Nigerians. The commission’s leader explained that cybercrime, money laundering, and economic sabotage cost the nation billions of naira yearly, hampering development and depriving citizens of essential infrastructure and employment opportunities. He urged young Nigerians, particularly in the South-South region, to dedicate their efforts towards productive pursuits like technology, business creation, agriculture, and the arts. Olukoyede warned that engaging in fraud is a deceptive shortcut that leads to loss of freedom, respect, and future prospects. He also added that digital trails remain forever, and the law is closing in. Olokoyede advised youth to choose growth through honest means rather than shortcuts that destroy the future. The EFCC reiterated its plans to enhancing sensitisation, enforcement, and collaborative partnerships with communities across Nigeria to combat economic crimes and restore trust. During the event, National Drug Law Enforcement Agency official Mathew Ewah pointed out drug abuse as a serious threat to the nation’s youth, while the Nigeria Security and Civil Defence Corps joined in expressing concern over pipeline vandalism in the region. Recent months have seen intensified EFCC operations against cybercriminals nationwide. In August, a raid at a Lagos hotel led to the arrest of 38 suspected scammers, with recovered items including vehicles and illegal substances. Similarly, in Benin, twelve individuals were convicted for fraud-related offences after pleading guilty in court. In light of the surge of cybercrimes, the United States recently revised its visa policies for Nigerians, limiting several non-immigrant visas to three months with single-entry conditions. This adjustment affects business, tourism, student, and exchange visitor categories.
Nigerian man arrested in India for fake marriage scam defrauding woman of nearly N9.5 million
Authorities in India have apprehended a Nigerian national, Oliver Ugwu Okechukwu, 47, for deceiving a woman from Ilkal town in Karnataka’s Bagalkot district, stealing approximately Rs 5.5 lakh (around N9.5 million) through a fraudulent marriage scheme. According to Siddarth Goel, Superintendent of Police in Bagalkot, officers from the Cyber Economic and Narcotics (CEN) unit captured Okechukwu in Mumbai after an extensive inquiry. Reports from the Times of India reveal that Okechukwu resided in Mumbai’s Shivaji Nagar Bonkode Ganv area, Khairane Thane, and operated by tricking women on matrimonial websites. He fabricated multiple false identities, specifically targeting divorcees or vulnerable women desiring new relationships. In this case, the suspect impersonated a man named “Satya Amit”, who claimed to live in London and portrayed himself as a prosperous professional eager to marry. After establishing trust with his victim online, he convinced her of his intentions. About 18 months ago, Okechukwu contacted the woman, stating he had arrived in India but was trapped by customs officials, who allegedly confiscated foreign currency valued at Rs 1 crore. He begged for her assistance to pay Rs 5.5 lakh urgently to resolve the problem. Believing his story, the woman transferred the funds through RTGS to a bank account he provided. Following receipt of the money, the fraudster immediately cut off all communication and vanished. The victim later reported the scam to cybercrime authorities in Bagalkot. SP Goel confirmed the defendant used various bank accounts under false names to carry out his fraudulent operations. Investigations are underway to ascertain whether Okechukwu victimized others across the country. Officials say enhanced cyber surveillance measures are being implemented in response to a surge in foreign-related fraud cases. Currently detained, Okechukwu faces prosecution under India’s cybercrime and fraud statutes.