The Uganda Police is currently grilling two suspects in connection with the cyber attack on telecommunication companies, MTN, Airtel and two banks including Stanbic and bank of Africa where billions of money were lost last week.
The two suspects are attached to Pegasus Technologies, a company that provides financial and billing solutions for various companies in Uganda.
The suspects were arrested on Wednesday by the Criminal Investigations Directorate (CID) cyber crime detectives at the helm of probing the case to help the police investigate on how the cyber attack could have happened under their watch.
It is also reported that more arrests will be made over the incident in which the hackers took off with over 10b. Pegasus provides services to a number of banks, telecommunication companies and utility providers in Uganda to provide financial and billing solutions.
According to Police, Pegasus is an aggregator for six top financial institutions in the country. In this case, the hackers infiltrated Stanbic Bank, Bank of Africa, MTN and Airtel, transferred the money and later cashed out the funds through various mobile money agents across the country.
It is alleged that the hackers cashed out the money from over 2,000 mobile money withdrawal points located in different parts of the country and this was done within 36 hours last weekend.
A source said investigators suspect that the cyber criminals behind the theft could have used SIM cards of dead people or those abandoned by subscribers such as foreigners who stay in the country for a short time.
Meanwhile Police investigations have extended to the National Identification and Registration Authority (NIRA) after it was discovered that the Sim cards used were duly registered.
However, Gilbert Kadilo, the NIRA public relations and corporate affairs manager, issued a statement over the alleged involvement of NIRA staff in the fraud.
NIRA’s role is to “facilitate verification of identities against applicants’ details on the identification cards and not to register SIM cards.” he said.
“Since the SIM cards were registered against individual’s NINs, the investigators should be able to identify the registered owners of the cards used in the fraud,” Kadilo added.
In a statement issued on Thursday, Wim Vanhelleputte, the chief executive officer of MTN Uganda, stated that on October 3, an aggregator, Pegasus Technologies, experienced a security breach that impacted bank-to-wallet transfers.
“Although the incident did not affect any customer money mobile balances, a limited number of other services aggregated through the third party provider were suspended as a precautionary safety measure.”
“The core MTN mobile money services, including cash deposits, withdrawals, person to-person transactions and MoMo payments were never affected at any stage,” read the statement.
According to sources, so far what is known is that Bank of Africa lost sh900m, Stanbic Bank sh9b, Airtel sh4.5b and MTN lost the biggest chunk. “Over 1200 MTN SIM cards were used to channel the money to various agents across the country,” a source said.