Kampala, Uganda | URN | The Criminal Investigations Directorate has so far arrested over 50 telecom agents and records officials from various companies over the recent hacking of Pegasus Technologies, a third-party aggregator in financial transactions run by MTN, Airtel, Stanbic Bank and Bank of Africa.
The hackers accessed Pegasus technologies system on October 3, and authorised mobile money transactions worth 10 billion Shillings to more than 2,000 MTN and Airtel sim cards. In the aftermath, Pegasus Technologies filed a case at Jinja Road Police Station but also alerted the cyber unit at CID headquarters in Kibuli.
A senior police officer and one of the lead investigators told Uganda Radio Network that they have so far picked more than 50 telecom agents and records officials from companies on whose sim cards money was transferred and later withdrawn.
“These telecom-agents participated in registering numerous systems in the names of companies which had not authorised for such a process. Some of the agents helped the suspected hackers to withdraw the money before unauthorized access to Pegasus systems was detected,” a senior cyber officer said.
CID spokesperson Charles Twine declined to divulge details of the development. He however said investigations were progressing very well. According to the cyber detective, hackers targeted the Online Virtual Accounts of the aggregator, after taking time to study the system.
“Our investigations have proved that the transaction order came from Pegasus to banks even though it was not initiated by the administrators. These hackers accessed the Online Virtual Accounts for the aggregator and ordered banks to pay mobile sim cards,” the senior cyber policeman said.
Detectives have since established that sim cards registered in unaware companies are now 1800 as opposed to 1,500 earlier reported. Besides, several sim cards were registered in individuals mostly foreigners with names of two or three letters.
“We have people in charge of records from 40 companies in whose names these sim cards were registered. We have noticed that the records officers ordered for massive registration of these sim cards yet there was no need and their bosses were not informed,” a detective said.
CID has obtained Closed Circuit Television [CCTV] footage showing some of the suspects from companies and agents registering sim cards in big numbers. CCTV footage also shows money being withdrawn at telecom agents that participated in fraudulent registration of sim cards.