Kenya Revenue Authority, several blue-chip banks, a parastatal and a supermarket chain are some of the institutions penetrated by an international cybercrime syndicate that took off with hundreds of millions of shillings – before they were all seized on Monday and Tuesday.
Working with insiders and relatives of “prominent politicians”, the crooks had formed an international band that installed malware into the systems that allowed them to take control of the institutions’ computers and steal what police sources said would run into hundreds of millions. (A malware is a software that disables the systems to enable hacking and transfer of money without detection).
Police detectives from the Special Crime Prevention Unit, and the Flying Squad smashed the syndicate and arrested a former police officer, a Kenya Revenue Authority employee and two American citizens who are now among 16 suspects in police custody for transnational crimes — that include cybercrime and drug trafficking.
The cybercrime syndicate was operating in the Nairobi CBD, Muthaiga, Thika, and Roysambu, and had been robbing banks using Salami attacks and electronic transfers as well as trafficking drugs.
Read: How a local bank lost millions of shillings to fraud
They have also been colluding with motor vehicle importers to evade tax and were illegally registering them. During the crackdown, police recovered several vehicle number plates from one of the houses.
According to the Daily Nation, the group were “conspiring to manipulate the IEBC system during the elections” and had been working with relatives of senior politicians which gives the syndicate some political angle too.
The leader of the cyberheist gang is 35-year-old Calvin Otieno Ogalo, a former police officer and bank employee, who on Saturdays turns into a devout SDA patriot and choir member but worked as a bank hacker every other day between 3pm and midnight.
The Cybercrime Investigation Unit estimates that Kenya lost more than Sh17 billion to hackers in 2016, with theft of credit or debit card data and financial scams, bank salami attacks and hacking of the mobile banking systems being the greatest targets..
Source: Daily Nation