Nigerian Hacker Umeti Convicted in $1.5M BEC Scheme

ALEXANDRIA, VA – Ebuka Raphael Umeti, 35, a Nigerian national, was found guilty today of orchestrating a brazen business email compromise (BEC) scheme that ripped off businesses across the United States and beyond. The federal jury delivered the verdict after evidence revealed a calculated operation designed to infiltrate systems and drain accounts.

Prosecutors laid out a case showing Umeti and his co-conspirators flooded victim companies with phishing emails disguised as legitimate correspondence from trusted sources – banks, vendors, the usual playbook. Once inside, they didn’t just steal data; they planted malicious software, or “malware,” granting them remote control of victim computers. This access was then exploited to manipulate employees into wiring funds to accounts controlled by the criminal enterprise. The total loss, or attempted loss, inflicted on victims topped a staggering $1.5 million.

“Umeti participated in a sophisticated computer hacking and business email compromise scheme that targeted numerous businesses in the United States,” stated Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division. “Although Umeti and his co-conspirators carried out their scheme from outside the United States, they were not beyond the reach of the Justice Department.” The message is clear: geography is no shield for digital criminals.

U.S. Attorney Jessica D. Aber for the Eastern District of Virginia echoed that sentiment, noting, “Umeti relied on hidden malware, deception, and an ocean of distance to steal from American businesses and avoid prosecution.” Aber’s office, alongside the FBI, relentlessly pursued Umeti, overcoming significant logistical hurdles to bring him to justice. “Despite those obstacles and obfuscations, a dedicated team of investigators and prosecutors showed outstanding resolve in bringing him to justice.”

The jury convicted Umeti of conspiracy to commit wire fraud, three counts of wire fraud, conspiracy to cause intentional damage to a protected computer, and intentional damage to a protected computer. He faces a potential prison sentence of up to 27 years on the wire fraud conspiracy charge alone, plus additional time for the other convictions – five years for the computer conspiracy, 20 years on each wire fraud count, and 10 years for damaging the protected computer. Sentencing is scheduled for August 27th, and the final decision rests with the federal district court judge.

Umeti wasn’t working alone. Co-defendant Franklin Ifeanyichukwu Okwonna, 34, already pleaded guilty on May 20th and is set to be sentenced on September 3rd. The FBI’s Washington Field Office spearheaded the investigation, with crucial assistance from the Justice Department’s Office of International Affairs, the U.S. Marshals Service, and Kenyan authorities who facilitated the extradition of both Umeti and Okwonna. The case was prosecuted by Assistant U.S. Attorney Laura D. Withers and Senior Counsel Thomas S. Dougherty of the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS), with assistance from CCIPS Senior Counsel Aarash Haghighat.