Equity Bank Group fell victim to a sophisticated cyber heist between April and July 2023, resulting in a loss of UGX 10.6 billion. The incident, which came to light during a detailed investigation by detectives, revealed a complex scheme involving the infiltration of the bank’s payment and fraud management system.
The unknown perpetrators skillfully manipulated security settings for three merchants registered for credit card payments, exploiting vulnerabilities in the Cybersource platform. The hackers’ operations involved altering merchant security protocols from the more robust three-dimensional (3D) authentication to the less secure two-dimensional (2D) method.
This downgrade in security measures allowed the fraudsters to process transactions using counterfeit credit cards without triggering immediate suspicion. Notably, investigators discovered that these transactions were purely fictional, with no actual exchange of goods or services, thus indicating a deliberate ploy to siphon funds directly from Equity Bank’s settlement account.
Over the subsequent three months, the cybercriminals continued to exploit this security breach, channeling money into accounts associated with the compromised merchants. The investigation uncovered a sophisticated money laundering operation with a portion of the ill-gotten gains allegedly finding its way to the United Arab Emirates.
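The downgrade described above leaves two traces a defender can correlate: a merchant configuration change from 3D to weaker authentication, and unauthenticated card transactions settling for that merchant afterwards. The following sketch is an added example, not code from the article, the bank or Cybersource; the audit and transaction records are constructed, and every field name and value in them is an assumption rather than a real export format.

```python
from datetime import datetime

# Constructed sample data; field names are assumptions, not a real platform export.
CONFIG_AUDIT = [
    {"ts": "2023-04-03T09:12:00", "merchant": "M-1001", "setting": "payer_auth",
     "old": "3ds_required", "new": "disabled", "actor": "svc-admin"},
    {"ts": "2023-04-05T14:30:00", "merchant": "M-2002", "setting": "descriptor",
     "old": "SHOP A", "new": "SHOP B", "actor": "ops-7"},
    {"ts": "2023-04-06T08:00:00", "merchant": "M-3003", "setting": "payer_auth",
     "old": "3ds_required", "new": "disabled", "actor": "ops-7"},
]
TRANSACTIONS = [
    {"ts": "2023-04-02T10:00:00", "merchant": "M-1001", "amount": 120_000, "three_ds": True},
    {"ts": "2023-04-03T11:00:00", "merchant": "M-1001", "amount": 9_500_000, "three_ds": False},
    {"ts": "2023-04-04T11:05:00", "merchant": "M-1001", "amount": 8_700_000, "three_ds": False},
    {"ts": "2023-04-06T12:00:00", "merchant": "M-2002", "amount": 80_000, "three_ds": True},
]

def find_downgrades(audit):
    """Return {merchant: (timestamp, actor)} for the earliest 3DS-required -> weaker change."""
    downgrades = {}
    for ev in sorted(audit, key=lambda e: e["ts"]):
        if (ev["setting"] == "payer_auth" and ev["old"] == "3ds_required"
                and ev["new"] != "3ds_required"):
            downgrades.setdefault(ev["merchant"],
                                  (datetime.fromisoformat(ev["ts"]), ev["actor"]))
    return downgrades

def exposure_after_downgrade(audit, txns):
    """Sum the unauthenticated volume each merchant processed after its downgrade."""
    report = {m: {"changed_at": ts, "actor": actor, "count": 0, "amount": 0}
              for m, (ts, actor) in find_downgrades(audit).items()}
    for t in txns:
        entry = report.get(t["merchant"])
        # Only transactions without 3D authentication, at or after the change, count.
        if (entry and not t["three_ds"]
                and datetime.fromisoformat(t["ts"]) >= entry["changed_at"]):
            entry["count"] += 1
            entry["amount"] += t["amount"]
    return report

if __name__ == "__main__":
    for merchant, r in exposure_after_downgrade(CONFIG_AUDIT, TRANSACTIONS).items():
        print(merchant, r["actor"], r["changed_at"].isoformat(), r["count"], r["amount"])
```

A merchant that appears with a zero count, like the constructed M-3003, still warrants review: the authentication change itself is the earliest signal, before any funds move.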
In response to these findings, Kenya’s Directorate of Criminal Investigations (DCI) has recommended the prosecution of four suspects linked to the heist. Reports from the DCI and the Office of the Director of Public Prosecutions describe the challenges of tracing cybercrime proceeds, as digital criminals employ increasingly advanced methods to obscure their tracks.
The legal consequences for the implicated individuals could be severe, with potential charges including stealing by agents, money laundering, and computer fraud. If convicted, these charges could result in substantial prison sentences.
Furthermore, the scope of the investigation has widened to encompass additional merchants suspected of involvement in a broader credit card fraud syndicate.
Equity Group also suffered a second cyber attack exactly one year later, resulting in an additional loss of approximately UGX 5.9 billion. While the bank managed to freeze UGX 2 billion of the stolen funds, the remainder was swiftly transferred out of reach.
This subsequent incident involved transfers to M-Pesa accounts and other local banks, further complicating the investigation and recovery efforts. A key piece of evidence in the ongoing investigation is a laptop seized from one of the suspects. Forensic analysis of this device is expected to provide crucial insights into the mechanics of the cyber heist and potentially reveal any internal complicity.