Matthew Abiodun Akande was sentenced to eight years in prison for hacking multiple tax preparation firms in Massachusetts, stealing client data, and filing over 1,000 fraudulent tax returns seeking $8.1 million in refunds.
A Nigerian national has been sentenced to eight years in federal prison for orchestrating a sophisticated hacking campaign that targeted tax preparation firms in Massachusetts and resulted in over $1.3 million in fraudulent tax refunds.
The Scheme
37-year-old Matthew Abiodun Akande executed a multi-year fraud operation between June 2016 and June 2021, during which he infiltrated the computer networks of multiple tax preparation companies and stole sensitive client information. Court documents reveal that Akande used this stolen data to file more than 1,000 fraudulent tax returns seeking over $8.1 million in refunds.
Technical Methods
The hacker employed several technical tools to carry out his attacks. He purchased licenses for the Warzone remote-access trojan (RAT) malware and encryption software known as a crypter to evade detection by antivirus solutions on victim devices.
Akande's initial access came through carefully crafted phishing emails. He impersonated the Chief Executive Officer of a Massachusetts architectural engineering company, creating web domains and email accounts that mimicked the CEO's name to appear authentic. To add credibility, he attached the executive's 2019 tax documents, including W-2 and 1099 forms, to the phishing messages.
The emails directed recipients to what appeared to be a Dropbox link containing the CEO's prior-year tax information. However, when clicked, this link silently installed the Warzone RAT malware on the victims' systems.
"In reality, the Dropbox account contained a disguised executable file that, when downloaded and executed, would cause the Victim CPA Firms to unknowingly download RAT malware onto their computer networks," the indictment states. "The owners of each of Victim CPA Firms accessed the link and, as AKANDE intended, unknowingly downloaded RAT malware, which was used to collect each firm's client PII and prior years' tax information."
International Operation
Once inside the tax firms' networks, Akande used the Warzone RAT to steal clients' Social Security numbers and prior-year tax data. He then filed fraudulent tax returns using this harvested information.
The fraudulent refunds were directed to bank accounts controlled by co-conspirators in the United States. These associates would withdraw the funds in cash and transfer a portion to associates in Mexico, following Akande's instructions.
Arrest and Extradition
Akande was indicted by a federal grand jury in July 2022 while living in Mexico. He was arrested in October 2024 at London's Heathrow Airport and extradited to the United States in March 2025.
Sentencing
U.S. District Court Judge Indira Talwani in Boston handed down the sentence: eight years in prison followed by three years of supervised release. Akande was also ordered to pay nearly $1.4 million in restitution.
This case highlights the growing sophistication of cybercrime targeting financial institutions and the international nature of modern hacking operations. The use of legitimate-seeming phishing emails combined with advanced malware demonstrates how cybercriminals continue to evolve their tactics to exploit both technical vulnerabilities and human trust.
The seizure of Warzone's infrastructure by the FBI in February 2024, mentioned in the court documents, shows ongoing efforts by law enforcement to disrupt cybercrime tools, though this case demonstrates that such tools can remain effective for years before being neutralized.
Related cases in recent years have shown similar patterns of tax-related cybercrime, with criminals increasingly targeting accounting firms and tax preparation services as lucrative sources of personal financial data.
Comments
Please log in or register to join the discussion