Feeds

Manila AT&T hackers linked to Mumbai terror attack - cops

Four alleged line-jackers cuffed with aid from FBI

Choosing a cloud hosting partner with confidence

Police in the Philippines have arrested a group of four suspected hackers accused of funnelling profits from attacking corporate telephone networks to an Islamic terrorist group blamed for the attacks on Mumbai three years ago.

The four suspects allegedly targeted PBX systems maintained by AT&T and gained access to corporate phone lines that they resold at a profit to call centres. The low-level scam resulted in estimated losses of $2m and ran between at least October 2005 and December 2008, and possibly earlier.

The operation was allegedly financed by Jemaah Islamiyah, a proscribed Pakistani terrorist organisation blamed for the terrorist attack in Mumbai, India, in November 2008.

"Revenues derived from the hacking activities of the Filipino-based hackers were diverted to the account of the terrorists, who paid the Filipino hackers on a commission basis via local banks," according to a statement on the arrests by the Philippine National Police's Criminal Investigation and Detection Group (CIDG), which added that the type of scam involved had been running since 1999.

Members of the CIDG’s Anti-Transnational and Cyber-Crime Division (ATCCD) and FBI agents raided the homes of the suspects, who all live in Greater Manila, seizing computer and telecoms equipment. The agents made four arrests on Wednesday, 23 November. The suspects were named as: Macnell Gracilla, 31, a resident of Quezon City; Francisco Manalac, 25, and his live-in partner Regina Balura, 21, of Calooocan City, and Paul Michael Kwan, 29, who also lives Caloocan City.

Kwan was previously arrested four years ago in 2007 on suspicion of helping to finance terrorist activities* but was apparently released only to - allegedly - resume his involvement in the long-running phone phreaking scam. He and his alleged cohorts continued to act as commission-only hacking contractors, albeit for a different boss.

Following the arrest of Pakistani Jemaah Islamiyah member Muhammad Zamir in Italy, also in 2007, an unnamed Saudi Jihadist took control of running the phone phreaking scam. Banking records linked the Philippines hackers to their alleged Saudi terrorist funding boss.

"FBI agents who have been investigating incessant hacking of telecommunication companies in the US since 1999 uncovered paper trail of various bank transactions linking the local hackers to the Saudi-based cell whose activities include financing terrorist activities," according to CIDG.

The FBI requested the assistance of Philippines authorities in March 2011 but arrests were only made last week, some eight months after the request for help.

The scam involved was almost certainly neither technically complicated nor lucrative. $2m-worth of calls, most probably fenced for much less, is a drop in the ocean compared to the hundreds of millions of dollars scareware vendors rake in every year. In addition there must be some doubt whether the alleged hackers knew they were working for a terrorist funding mastermind or were doing low paid work who whoever bankrolled them on a no-questions-asked basis. ®

Bootnote

Kwan's 2007 indictment here only talks about a phone phreaking plot run through Italian and Spanish call centres. It makes no mention of terrorist implications unless the source of some named payments, referred to only as J.I., is actually Jemaah Islamiyah.

Choosing a cloud hosting partner with confidence

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.