Charles Onus, 34, was apprehended in San Francisco in April 2021 while flying from Nigeria to the United States. In June, the US Department of Justice filed accusations against him. Onus, who has been detained since his arrest, is accused of using credential stuffing to gain unauthorised access to user accounts at the targeted organisation. The scam resulted in the compromise of over 5,500 user accounts, according to the indictment and papers submitted in court, allowing the defendant to redirect roughly $800,000 in payroll monies to prepaid debit cards, some of which were controlled by Onus. Onus, who faces up to five years in jail, pled guilty to one count of computer fraud “for unauthorised access to a secured computer to facilitate intended fraud.” The date for Onus’ sentence has been set for May 12. “Charles Onus acknowledged to hacking into a payroll company’s system and diverting payroll contributions to prepaid debit cards he controlled, stealing hundreds of thousands of dollars from workers across the United States,” said U.S. Attorney Damian Williams.
