The National Bureau of Investigation (NBI) have arrested three individuals for the alleged hacking of both government and private institutions, banks, and Facebook accounts.
“Yung isa dito ay data officer ng Manila Bulletin. As a matter of fact, ang ina-allege niya base sa kanyang extrajudicial confession, ang may hawak sa kanya, at nag-uutos sa kanya mag-exploit ng mga system ay editor ng Manila Bulletin (One of them is a data officer of the Manila Bulletin. In fact, he alleges, based on his extrajudicial confession, that the one handling him, and ordering him to exploit systems is an editor of the Manila Bulletin),” NBI Cybercrime Division chief Jeremy Lotoc said in a press conference in their Quezon City office on Friday.
The suspects, whose faces were covered, were identified through aliases ‘kangkong’, ‘Mirasol’, ‘Sibat’, ‘Ricardo Redoble’, and ‘lulu’, and were involved in multiple unauthorized access attempts and breaches of private and government websites since 2016.
All suspects are members of two big hacking groups, Philippine Lulzec and Globalsec.
Lotoc said they tracked the hackers’ movements and monitored online activities to establish patterns and connections linked to their activities.
“Yung isang hacker isa siyang cyber security researcher ng isang malaking company sa (One of the hackers is a cyber security researcher of a big company in) BGC (Bonifacio Global City), ayaw kong pangalanan kasi under investigation po yun, dun siya employed, yung isa naman graduating student siya, dating siyang miyembro din ng (I don’t want to name him because it’s under investigation, he is employed there. The other suspect is a graduating students, he was also a former member of) Pinoy Lulzsec,” he added.
However, Lotoc said their most worrisome discovery is the data from one of the device of aka “Illusion”, “which contains thousands of bank credentials that include usernames, passwords, and even OTPs (one-time passwords).”
These banks, he said, include the Philippine National Bank, Banco de Oro, Union Bank, and Security Bank.
“Magve verify kami tatanungin namin itong mga banko na ito kung nag eexist itong mga data kasi ito yung gagamitin ng mga scammer natin sa kanilang (we will verify and ask these banks if these data exists, becuase this will be used by the scammers in their ) exploit,” Lotoc said.
The NBI, in its press release, said that on June 14, initial contact with the subjects was made through the informant, where they agreed to meet.
The suspects were arrested on June 19 in a hotel in Manila and underwent inquest proceedings on June 20.
They were recommended to be charged with Illegal Access under Section 4(a)(1) and Misuse of Device under Section 5(iii) of RA 10175 or the Cybercrime Prevention Act of 2012, as well as Unauthorized Access or Intentional Breach under Section 29 of RA 10173 otherwise known as the Data Privacy Act of 2012.
The third subject with an alias ‘Allan 10k’ will be charged through direct filing.
NBI director Jaime Santiago said that this is only the start of his promise made when he took over the agency.
“Start pa lamang ito we have several operations lined up sunod sunod na ito kaya yung mga scammers, cybercrime hackers maghanda na kayo ito na kami (This is only the start we have several operations lined up and there are more to come, so those scammers and cybercrime hackers, be prepared, we’re coming to you),” he said.
The Department of Information and Communication Technology (DICT), meanwhile, commended the NBI for its arrest of the hacking suspects.
“DICT is part of the National Cybersecurity Interagency Committee (NCIAC) and its working groups that share intelligence and technical information regarding these cases and assist our law enforcement agencies in their efforts to identify, locate, and apprehend suspected cybercriminals,” it said.
In the same press briefing, the arrested data personnel of Manila Bulletin alleged that he was acting under the orders of the paper’s tech editor and ICT head Art Samaniego.
The NBI said the allegations against Samaniego are under investigation.
Denial
In a statement, Samaniego denied the allegations and said he did not stand to gain anything from the hacking incidents, specifically the hacking of the Armed Forces of the Philippines’ website.
The Manila Bulletin, in a separate statement, said it has always “adhered to the laws of the land and requires its employees to be law-abiding.”
“We expect our employees to be accorded their rights. We assure the public of Manila Bulletin’s utmost fidelity to the laws of the land,” it added. (PNA)