Cybercrimes: How Hushpuppi, Woolberry were arrested in Dubai with ‘$40 million cash’

L-R: Husbpuppi and Woodberry

More revelations have emerged on how the alleged Nigerian transnational internet scammers, Ramon Olorunwa Abbas, aka, Hushpuppi and Olalekan Jacob Ponle, aka, Mr Woodberry, were arrested by arrested in their United Arab Emirates (UAE) by Dubai Police, with $40 million cash found in their apartments.

After they have been monitored for at least four months is an operation the Dubai Police dubbed Fox Hunt 2, it came out with a report that the two suspects alongside other Nigerian gang members involved in money-laundering and multiple cybercrimes have been arrested.

The most popular of them all in the dramatic operation was 37-year-old Hushpuppi or just Hush, as he was fondly known by his 2.4 million Instagram followers.

“Thank you, Lord, for the many blessings in my life. Continue to shame those waiting for me to be shamed,” Hushpuppi captioned an Instagram picture of a Rolls-Royce just a fortnight before he was arrested.

What it was said finally gave Woolberry out was the his Instagram post the day after he celebrated his 29th birthday in May, where he was seen standing next to a bright yellow Lamborghini in Dubai.

“Stop letting people make you feel guilty for the wealth you’ve acquired,” He wrote to his aidience, as he adorned himself with designer jewellery and Gucci clothes from head to toe.

It was only a month after this post, the Nigerian Instagram celebrity, Woolberry, was arrested by Dubai Police for alleged money laundering and cyber fraud.

The Dubai Police after arresting the suspects in UAE, said they recovered $40 million (£32 million) in cash, 13 luxury cars worth $6.8 million, 21 computers, 47 smartphones and the addresses of over 1.9 million alleged victims.

The duo of Hushpuppi and Woodberry have been extradited to the US and handed over to the Federal Bureau of Intelligence (FBI) agents. They have been charged in a Chicago court with conspiracy to commit wire fraud and laundering hundreds of millions of dollars obtained from cybercrimes.

However, the two suspects, who are presumed innocent until proven guilty, have not yet been asked to plead.

“I think there’s probably a certain arrogance when they believe they’ve been careful about maintaining anonymity in their online identities, but they live high on the hog and get careless on social media,” said Glen Donath, a former senior prosecutor in the US Attorney’s Office in Washington, DC.

It is a spectacular crash for the two Nigerian men who extensively documented their tacky, high-flying lifestyle on social media, raising questions about the sources of their wealth.

They unwittingly provided crucial information about their identities and activities for American detectives with their Instagram and Snapchat posts.

They are accused of impersonating legitimate employees of various US companies in “business email compromise” (BEC) schemes and tricking the recipients into wiring millions of dollars into their own accounts.

On Instagram, Hushpuppi said he was a real estate developer and had a category of videos called “Flexing” – social media lingo for showing off. But the “houses” were actually a codeword for bank accounts “used to receive proceeds of a fraudulent scheme,” investigators allege.

“Our value system in Nigeria needs to be checked, especially the emphasis we place on wealth, no matter how you got it.”

“It’s a culture where people believe that results speak for you. We don’t place as much emphasis on the process and this has built up over time,” the economist Ebuka Emebinah told the BBC from New York.

English Premier League team targeted

In April, Hushpuppi renewed his lease for another year at the exclusive Palazzo Versace apartments in Dubai under his real name and phone number.

“Abbas finances this opulent lifestyle through crime, and he is one of the leaders of a transnational network that facilitates computer intrusions, fraudulent schemes (including BEC schemes), and money laundering, targeting victims around the world in schemes designed to steal hundreds of millions of dollars,” the Federal Bureau of Investigations (FBI) said in an affidavit.

In one case, a foreign financial institution allegedly lost $14.7m in a cyber-heist where the money ended up in hushpuppi’s bank accounts in multiple countries.

The affidavit also alleged that he was involved in a scheme to steal $124 million from an unnamed English Premier League team.

The FBI obtained records from his Google, Apple iCloud, Instagram and Snapchat accounts which allegedly contained banking information, passports, communication with conspirators and records of wire transfers.

About 90 per cent of business email compromise scams originate in West Africa, research from American email security firm Agari shows.

If convicted, both Hushpuppi and Woodberry could be jailed for up to 20 years.

‘Yahoo boys’

The complaint against Hushpuppi and Woodberry describe tactics that resemble what the company calls Vendor Email Compromise tactics, where scammers compromise an email account and study communication between a customer and a vendor.

“The scammer would gather contextual details, as they watched the legitimate email flow,” explains Crane Hassold, Agari’s senior director of threat research.

“The bad actor would redirect emails to the bad actor’s email account, craft emails to the customer that looked like they are coming from the vendor, indicate that the ‘vendor’ had a new bank account, provide ‘updated’ bank account information and the money would be gone, at that point.”

Ponle, known online as “mrwoodberry,” used Mark Kain in emails, according to the FBI.

He is accused of defrauding a Chicago-based company into sending wire transfers of $15.2 million. Companies in Iowa, Kansas, Michigan, New York, and California are also said to have fallen victim.

The cash trail allegedly disappeared after his accomplices, called money mules, converted the money into the cryptocurrency bitcoin.

Email scams have become so prevalent globally, and so deeply linked to Nigeria, that the fraudsters have a name in the country: “Yahoo Boys.”

They try to convince a recipient to wire money to the other side of the world or they go “phishing,” stealing a user’s identity and personal information for fraud.

The FBI warns against the Nigerian letter or “419” fraud – emails promising large sums of money, called advance fee scams. The “Nigerian prince” trope has become shorthand for deception.

How 419 romance scam works

An individual may contact you via e-mail, explaining he needs help to transfer money.

Will tell you that political turmoil or a natural disaster makes it difficult for him to make the transfer.

LoveWill ask you to give him your financial details so that he can transfer the money into your account.

This allows him to access and steal from your account.

Be careful what you post on social media and dating sites as scammers use the details to better understand you and target you.

LoveA Washington, DC-based attorney, Moe Odele, finds it frustrating as a Nigerian because it ignores the “systemic failures that have led to brilliant Nigerian youths engaging in these scams”, in the country and abroad.

“They see it as an easy way out in a country that offers them limited options and, in many cases, no options at all,” she says.

“But there are also many brilliant Nigerians are represented in world stages from education to pop culture.”

How Nigeria suffers

Last month, the US Treasury Department blacklisted six Nigerians among 79 individuals and organisations in its Most Wanted cybercriminals list. It accused them of stealing more than $6 million from American citizens through deceptive global threats like BEC and romance fraud.

Ayo Bankole Akintujoye – founder of Nigeria-based Bootcamp, a start-up incubation initiative – faults the international attention on Nigeria alone.

“A lot of Nigerians are doing fantastic things all over the world, but they don’t get as much media mileage as the guys doing bad things. It affects all the guys doing legitimate stuff especially in the tech space,” he said.

“A lot of foreign companies don’t ship to Nigeria, many payment platforms don’t accept payments from us because it has ruined our image.”

In its internet crime report for 2019 , the FBI said it had received more than 460,000 complaints of suspected cyber fraud, with losses of more than $3.5 billion reported. More than $300 million was recovered, it said.

However, many online fraudsters don’t get caught and even fewer end up going to jail.

Mr Donath says the cases are challenging because they happen overseas and tend to be quite sophisticated.

“They’re time-consuming, highly document-intensive, and in many federal criminal cases, you have the difficulty of walking a jury through a chronology of relevant facts,” said the partner at law firm Clifford Chance.