The U.S. Department of Justice has announced that Instagram influencer Ramon Olorunwa Abbas, also known as Hushpuppi, has been given an 11-year prison sentence for his involvement in laundering millions of dollars stolen from different cyber scams, including business email compromise attacks, BleepingComputer reports.
Abbas has been noted by the Justice Department to have conspired to launder more than $300 million from 2019 to 2022. The Justice Department said that Abbas helped North Korean hackers transfer $14.7 million stolen from a bank in Malta to Bulgarian and Romanian accounts in January 2019. Millions of pounds stolen from a U.K.-based professional soccer club was then laundered by Abbas to Mexican bank accounts in May 2019 before luring a New York-based law firm to send more than $900,000 to a co-conspirator's account in October 2019.
Aside from the prison sentence, Abbas has also been ordered to provide more than $1.7 million in restitution to the law firm and a business person in Qatar, who was victimized by his fake multi-million loan scheme.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.