Why hackers were able to pull off recent mobile money system fraud involving banks, telecom companies

The Financial Intelligence Authority has explained circumstances under which the recent money heist involving the hacking of mobile money system for various banks by fraudsters was successful, leading to loss of billions of shillings.

Last week, unknown hackers broke into the system of Pegasus Technologies before taking off with an unspecified amount of money belonging to several companies including banks and telecoms.

It has since been reported that the hackers used over 2000 mobile phone numbers to execute their mission and that the heist took more than two days without notice of the financial systems involved.

However, according to the Financial Intelligence Authority, since the money involved was in small amounts, it was not easy for anyone to detect that something sinister was going.

“Like many crimes, detection comes when the crime is in the process of happening or it has already happened. In this particular case, the detection happened when the crime was still ongoing.  It was not detected early enough because the patterns used were the ordinarily usual patterns,” said Sydney Asubo, the Financial Intelligence Authority Executive Director.

The Financial Intelligence Authority was established to monitor, investigate, and prevent money laundering, financing of terrorism in Uganda and related activities.

As part of their mandate, the FIA has a system that detects and sometimes blocks abnormal transactions into and out of the country.

Consequently, if a transaction is above the normal, the Financial Intelligence Authority is alerted and, in any case, it alerts the financial institutions including banks involved as they investigate the source and purpose of the money involved.

However, according to the FIA Executive Director, the hackers transferred billions of shillings to telecom companies then to the different sim cards in usual amounts.

“The amounts were within the ordinary ranges. It is only when it happened repeatedly over a two-day period that those involved in the processes became aware that there was a possibility that something wrong was happening,” Asubo told the Nile Post.

“When they interrogated the red flags, they were able to confirm that indeed fraud was being committed. The relatively small amounts but in bulk delayed the early detection.”

According to information from investigators, the hacking happened into the system of Pegasus Technologies, the company that translates money from banks into mobile money transfers between banks and telecom companies.

Following the hacking, the fraudsters were able to instruct the banks to release money to the telecom companies that later sent it to the over 2000 sim card accounts from which it was withdrawn from various mobile money agents throughout the country.

The Financial Intelligence Authority boss however warned that it could have been an insider job at any of the financial institutions or at Pegasus.

“While you can have a robust system in place, you must check the integrity of those who manage those system. The two go hand in hand.”

He urged members of the public and financial institutions to have in place robust systems to prevent the commission of such crimes but also systems that allow them strong mitigants in case the crimes happen.

 

https://nilepost.co.ug/2020/10/06/airtel-mtn-suspend-mobile-money-services-across-networks-after-system-is-hacked/