Feeds

Manila AT&T hackers linked to Mumbai terror attack - cops

Four alleged line-jackers cuffed with aid from FBI

Securing Web Applications Made Simple and Scalable

Police in the Philippines have arrested a group of four suspected hackers accused of funnelling profits from attacking corporate telephone networks to an Islamic terrorist group blamed for the attacks on Mumbai three years ago.

The four suspects allegedly targeted PBX systems maintained by AT&T and gained access to corporate phone lines that they resold at a profit to call centres. The low-level scam resulted in estimated losses of $2m and ran between at least October 2005 and December 2008, and possibly earlier.

The operation was allegedly financed by Jemaah Islamiyah, a proscribed Pakistani terrorist organisation blamed for the terrorist attack in Mumbai, India, in November 2008.

"Revenues derived from the hacking activities of the Filipino-based hackers were diverted to the account of the terrorists, who paid the Filipino hackers on a commission basis via local banks," according to a statement on the arrests by the Philippine National Police's Criminal Investigation and Detection Group (CIDG), which added that the type of scam involved had been running since 1999.

Members of the CIDG’s Anti-Transnational and Cyber-Crime Division (ATCCD) and FBI agents raided the homes of the suspects, who all live in Greater Manila, seizing computer and telecoms equipment. The agents made four arrests on Wednesday, 23 November. The suspects were named as: Macnell Gracilla, 31, a resident of Quezon City; Francisco Manalac, 25, and his live-in partner Regina Balura, 21, of Calooocan City, and Paul Michael Kwan, 29, who also lives Caloocan City.

Kwan was previously arrested four years ago in 2007 on suspicion of helping to finance terrorist activities* but was apparently released only to - allegedly - resume his involvement in the long-running phone phreaking scam. He and his alleged cohorts continued to act as commission-only hacking contractors, albeit for a different boss.

Following the arrest of Pakistani Jemaah Islamiyah member Muhammad Zamir in Italy, also in 2007, an unnamed Saudi Jihadist took control of running the phone phreaking scam. Banking records linked the Philippines hackers to their alleged Saudi terrorist funding boss.

"FBI agents who have been investigating incessant hacking of telecommunication companies in the US since 1999 uncovered paper trail of various bank transactions linking the local hackers to the Saudi-based cell whose activities include financing terrorist activities," according to CIDG.

The FBI requested the assistance of Philippines authorities in March 2011 but arrests were only made last week, some eight months after the request for help.

The scam involved was almost certainly neither technically complicated nor lucrative. $2m-worth of calls, most probably fenced for much less, is a drop in the ocean compared to the hundreds of millions of dollars scareware vendors rake in every year. In addition there must be some doubt whether the alleged hackers knew they were working for a terrorist funding mastermind or were doing low paid work who whoever bankrolled them on a no-questions-asked basis. ®

Bootnote

Kwan's 2007 indictment here only talks about a phone phreaking plot run through Italian and Spanish call centres. It makes no mention of terrorist implications unless the source of some named payments, referred to only as J.I., is actually Jemaah Islamiyah.

Mobile application security vulnerability report

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you on YouPorn lately, perhaps? White House website?
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.