Two Nigerian nationals, 40-year-old Augustine, a software engineer and Ekene Godwin, 37, have been arrested by the Cyber Crime Wing of Greater Chennai Police in India for virtually robbing Rs 2.5 crore from a branch of the Tamil Nadu State Apex Cooperative Bank.
The suspects were arrested from Uttam Nagar, Delhi when one of them went to an ATM to withdraw money, police said in a statement on Friday, January 13, 2023.
The arrest was made on January 8, by a special team led by inspector T Vinoth Kumar of the cybercrime wing and would be brought to Chennai soon.
The duo entered India two years ago on a business visa. Since August 2022, they have been sending phishing emails to cooperative banks across the country and allegedly managed to steal from 10 different banks.
According to Times of India, the duo gained access to the keyboard usage of the bank and monitored the texts and swindled Rs 2.5 crore.
While the cybercrime personnel managed to retrieve Rs 1.5 crore immediately after the successful phishing bid, the accused had managed to transfer the remaining sum.
The police said last November, a representative from the bank lodged a complaint alleging that some people had stolen ?2.61 crore from its account and security protocols had been compromised. The officers of Cyber Crime Wing registered a case and took up investigation.
Explaining the duo's modus operandi, police said that Augustine sent a phishing mail to the bank officials on November 18.
“As the name suggests, Keylogger is used to gain access to a keyboard. When a bank staff clicked on the phishing e-mail, the embedded software got installed. The duo monitored the system for four months before transferring the money," the officer said.
Soon after they clicked on the link, the Key Logger app, which was embedded within the mail, got downloaded into their computers. The tool entered the banking system without alerting the officials.
This gave Augustine and Godwin access to three bank accounts from which a sum of Rs 2.5 crore was stolen over 32 transactions. By the time the cooperative bank understood what was happening and alerted the cops, the foreign nationals managed to transfer around Rs 1 crore to the Zenith Bank and Bank of Nigeria. The remaining sum was retrieved by the police team, the news report said.
The Africans were held by the police team from Delhi's Uttam Nagar area following an investigation focusing on the Nigerian bank accounts.
Following the arrest, it was learnt that they used the robbed money to make cryptocurrency investments.
The Tamil Nadu cybercrime unit also learnt that they had successfully infiltrated a bank server in Gujarat as well. The cops have got in touch with their counterparts in the northern state.
Speaking to journalists, Vinoth Kumar said, “As the name suggests, Keylogger is used to gain access to a keyboard. When a bank staff clicked on the phishing e-mail, the embedded software got installed. The duo monitored the system for four months before transferring the money,"
To avoid virus attacks, computers with a core banking system (CBS) usually do not have internet. However, the duo managed to find one CBS unit that had an internet connection and sent a phishing mail to the state cooperative bank in Mannady.
"While all the IP addresses were cloned or made to bounce off, we were able to trace one id to Delhi. A team was sent and they stayed put in Uttam Nagar,” said the officer.
The Nigerians had transferred almost all the swindled money to a Nigerian bank. They had kept only a minimum amount to pay for rent, food and other expenses.
"They transferred the money to at least 32 different bank accounts. We tracked some of those accounts and monitored them. When the accused withdrew money from ATMs, we identified them through the CCTV footage,” said Vinoth Kumar.