Hacker Extradited to U.S. for $2.5 Million Tax Fraud Scheme

Chukwuemeka Victor Amachukwu, also known as Chukwuemeka Victor Eletuo and So Kwan Leung, was extradited from France to the United States to face charges related to sophisticated hacking, wire fraud, and aggravated identity theft operations.

The 39-year-old Nigerian national was presented before U.S. Magistrate Judge Robert W. Lehrburger in the Southern District of New York, with the case assigned to U.S. District Judge Paul G. Gardephe.

This extradition underscores the collaborative efforts between U.S. authorities and international partners to combat transnational cyber threats, including spearphishing campaigns and large-scale financial exploitation.

Details of the Cyber Intrusion

According to the superseding indictment and associated court filings, Amachukwu, alongside co-conspirator Kinglsey Uchelue Utulu and other Nigeria-based accomplices, orchestrated a multi-year scheme commencing around 2019 that targeted U.S.-based tax preparation firms in states such as New York and Texas.

The conspirators employed advanced spearphishing techniques customized phishing emails designed to deceive recipients into divulging sensitive credentials to infiltrate the electronic systems of these businesses.

Once access was secured through these computer intrusions, the group exfiltrated personally identifiable information (PII) from thousands of victims, including tax records and other sensitive data.

This stolen PII was then weaponized to perpetrate wire fraud by submitting fraudulent tax returns to the Internal Revenue Service (IRS) and various state tax authorities.

The scheme aimed to secure illicit refunds totaling approximately $8.4 million, with the conspirators successfully obtaining at least $2.5 million through these deceptive filings.

In a parallel exploitation of government relief programs, the group leveraged the compromised identities to file bogus claims under the Small Business Administration’s (SBA) Economic Injury Disaster Loan (EIDL) program, netting an additional $819,000 in fraudulent disbursements.

According to the report, these actions not only involved unauthorized access and data breaches but also constituted aggravated identity theft, amplifying the financial and personal harm to victims.

Separately, Amachukwu is accused of masterminding an investment fraud operation, wherein he lured victims with promises of high-value standby letters of credit financial instruments purportedly guaranteeing substantial returns.

In reality, these instruments were fictitious, allowing Amachukwu to siphon millions of dollars from unsuspecting investors, further exemplifying a pattern of deceptive wire fraud schemes.

U.S. Attorney Jay Clayton emphasized the broader implications of such cyber-enabled fraud, stating that Amachukwu’s activities involved hacking into tax enterprises, trafficking in stolen PII, and defrauding federal entities like the IRS.

FBI Assistant Director Christopher G. Raia highlighted the multifaceted nature of the offenses, including computer intrusions via spearphishing and sham investment promotions, underscoring the FBI’s commitment to pursuing cybercriminals globally through robust law enforcement partnerships.

Potential Penalties

Amachukwu faces a comprehensive array of charges: one count of conspiracy to commit computer intrusions, carrying a maximum penalty of five years imprisonment; two counts of conspiracy to commit wire fraud and two substantive counts of wire fraud, each punishable by up to 20 years; and one count of aggravated identity theft, mandating a consecutive two-year sentence.

These penalties, prescribed by Congress, are informational, with actual sentencing to be determined by the presiding judge.

The prosecution is led by Assistant U.S. Attorney Daniel G. Nessim from the Southern District of New York’s Complex Frauds and Cybercrime Unit, with commendations extended to the FBI, the Justice Department’s Office of International Affairs, the U.S. Marshals Service, and the French National Gendarmerie for their roles in the arrest and extradition.

As with all federal cases, the charges remain allegations, and Amachukwu is presumed innocent until proven guilty in a court of law.

This case highlights the evolving landscape of cyber threats, where actors exploit digital vulnerabilities for financial gain, prompting heightened vigilance in cybersecurity protocols across industries.

The Ultimate SOC-as-a-Service Pricing Guide for 2025– Download for Free