HYDERABAD: A two-month hunt ended successfully for the city police on Wednesday with the arrest of the elusive Ikpa Stephen Orji, a Nigerian handler involved in the hacking of Mahesh Bank accounts and swindling Rs.12.48 crore. Orji’s Nigerian accomplice is yet to be identified.
Commissioner of police C.V. Anand told reporters here on Wednesday that when reports first emerged about the hacking of Mahesh Bank accounts, around 200 police officials from Cyber-crime and CCS swung into action and nabbed 23 persons, including four Nigerians, for their alleged involvement in the fraud.
Anand said they are now contemplating to issue a red corner notice and seek Interpol’s help to nab the main accused, who are believed to be operating from the United Kingdom and Nigeria as servers were showing proxy UK and Nigerian IP. The amount that is hacked is withdrawn and transferred, either by way of hawala or crypto currency, he said. Money was transferred to 115 accounts of different banks and subsequently to 398 different accounts.
Probing of the IP logs used for internet banking revealed that the IP addresses were proxies with locations in the USA, Canada and Romania. Hackers used the VPN services of a Bihar-based company.
Cyber forensics said that hackers entered the system of AP Mahesh Co-operative Urban Bank through phishing mails containing a remote access trojan (RAT) sent to the bank employees on November 4, 10 and 16 last year.
As all systems in the bank are interconnected, the hackers were remotely able to access its core banking server, which they entered on the day of the actual hack, Anand said.
