Corporate News
By MUGAMBI MUTEGI, pmutegi@ke.nationmedia.com
Posted Monday, December 1 2014 at 00:00
In Summary
- A local cyber security firm, Serianu, says it has unmasked a Kenyan hacker who broke into personal accounts of Facebook users in Nairobi, Mombasa and Eldoret and used the access to solicit funds from thousands of people linked to the breached accounts.
- Owners of the compromised Facebook accounts were also contacted and informed that their accounts would be deleted if they declined to pay money -- ranging between Sh5,000 and Sh100,000 -- into different mobile money accounts.
- Serianu estimates that victims of the attacks may have lost up to Sh50 million in the scam.
More than 5,000 Kenyan Facebook users have lost
millions of shillings in a social hacking scam that lasted for a year, a
local cyber security firm has revealed.
The firm, Serianu, says it has unmasked a Kenyan who broke
into personal accounts of Facebook users in Nairobi, Mombasa and Eldoret
and used the access to solicit funds from thousands of people linked to
the breached accounts.
The attack was a type of social hack known as a
phishing scam that tricks users into providing a hacker with access
rather than relying on technical skill to break into their accounts.
“The hacker created a website that looked
aesthetically similar to Facebook and posted it on random users’ pages,
inviting them to view their friends’ latest photos,” said William
Makatiani, the managing director.
“Users who clicked on the link were asked to
provide their log-in details afresh in order to proceed. Once they did
this, their usernames and passwords were collected into a database that
currently has 5,006 entries.”
The cyber criminals then used the captured log-in
credentials to take over a user’s social media page and went on to
solicit money from the account owner’s friends while masquerading as the
real user.
Owners of the compromised Facebook accounts were
also contacted and informed that their accounts would be deleted if they
declined to pay money -- ranging between Sh5,000 and Sh100,000 -- into
different mobile money accounts.
To nudge victims into paying up, the fraudsters
posted malicious and alarming messages on breached Facebook pages.
Serianu estimates that victims of the attacks may have lost up to Sh50
million in the scam.
The hackers used fake websites to retrieve
usernames and passwords of Facebook users, a practice referred to in
technology jargon as phishing.
The Business Daily cannot reveal the
hacker’s identity or the website used in the scam because the matter has
since been reported to the CyberCrime Unit of the Directorate of
Criminal Investigations (DCI), who are investigating.
The website, which has since been taken down, was registered by a Kenyan, hosted locally and listed a Safaricom mobile phone number as the contact line.
Internet security breaches have become a serious
problem since Kenya installed broadband Internet with the landing of
undersea fibre optic cables in Mombasa five years ago.
Criminals have used high-speed Internet to
illegally obtain and share crucial user information that has cost
millions of companies and individuals billions of shillings annually.
UK broadcaster, BBC, last week reported that
administrators of a Russian-based site infiltrated thousands of insecure
baby monitors, webcams and CCTV cameras in over 250 countries,
including Kenya, UK, Pakistan and Zimbabwe, and monitored live feeds.
In the past 12 months, there has been a build-up of Internet
security breaches in Kenya. The Kenya Police and the Central Bank of
Kenya top the list of 103 crucial government websites that have fallen
prey to the hackers.
The Banking Fraud Investigations Department last year
reported that hacking of customer bank accounts -- mainly by bank
employees -- between April 2012 and 2013 led to losses of Sh1.49
billion.
Nairobi Senator Mike Sonko’s Twitter account was
reportedly compromised this week, exemplifying the ubiquitous nature of
the crime in the country.
The Facebook hacker’s operation has since been shut
down with the help of PhishTank, a US-based anti-phishing site used by
leading IT firms like Google, Yahoo and Mozilla to verify the safety of
websites.
A DCI officer at the CyberCrime Unit in charge of
the Facebook scam investigation confirmed that Serianu had filed a
report detailing the hacking incident.
“Serianu approached us recently and provided
information about the alleged crime, including details of one of the
individuals who was affected,” said the officer who declined to be
quoted as he is not authorised to speak on ongoing investigations.
“We are waiting for the victims to come forward and make a formal complaint,” said the officer.
The Business Daily has established that
one of the victims is a nurse at a local hospital. Her Facebook account,
which is still under the hacker’s control, was compromised in late
October and her friends have since wired Sh17,000 to the fraudster’s
different M-Pesa accounts.
Stephen Wanjala, the victim’s husband, said they
had contacted the CID officer in charge of the investigation and were
preparing to make an official statement.
Cyber security experts say the exponential increase
in the number of local hackers is not only a direct result of improved
Internet infrastructure, but also a quest for fame and wealth.
Besides, Kenya does not have enough professionals who can effectively secure personal data or rebuff cyber-attacks.
“Expert hackers around the world are considered
heroes and revered in many quarters,” said George Njoroge, CEO of East
African Data Handlers.
“Some local hackers are after a similar status and
if they can make some money while at it, the better. Ignorance on the
part of users, including companies, and lack of expertise worsen the
situation.”
The Kenya Cyber Security report released in June by
Telecommunication Services Providers of Kenya (Tespok) showed that
cyber-attacks more than doubled in the past year to 5.4 million.
While previously many of the attacks came from
abroad – especially China – the majority of the 1.8 million computers
used were stationed locally, indicating that the attacks were from
within.
Insider threats by employees were earlier this year ranked top in the list of cyber security risks faced by financial institutions, especially those that have embraced mobile and online banking.
Mr Njoroge cited an ongoing investigation where five
employees of a local mid-tier bank are being investigated for stealing
Sh280 million from their employer. The case is expected to move to court
this month.
The accused allegedly tinkered with the core
banking system authorisation protocols and moved the money out to
several accounts through mobile money and Internet banking transactions.
US information technology giant IBM in August
signed a deal with the government that will see it develop a cyber
security syllabus for new recruits joining the police service.
Currently, most cybercrime matters are handled by
a small team of IT experts – the Kenya Computer Incident Response Team –
based at the Communications Authority of Kenya.
The team’s core duty is to liaise with other government and international bodies to tackle cyber-crime.