Cyber Crime: How a Bank lost GH¢46 million in heist

The Cyber Crime Unit of the Criminal Investigations Department (CID) of the Ghana Police Service have confirmed the arrest of the owner of Adom Sika Savings and Loans Limited, Sam Acquah, and software, James Taylor, are thought to be behind the latest  cyber crime in Ghana.

The police also confirmed six persons have been arrested in connection with the hacking of a universal bank in Accra, which led to the illegal transfer of GH¢46 million into accounts of eight persons in different banks.

The police say two other suspects involved in the cyber heist are still on the run. These persons were identified as Boateng Mends and Pussy Cat. It is believed those are their aliases.

The investigators also have named the other suspects as Hudu Abdul Mumuni, Emmanuel Adams, Moro Issah and Agbenu Febous Chrissy. They were picked up when they showed up at various banks to withdraw the money transferred into their accounts through the illegal wire transaction, reports.

The cyber hackers allegedly logged into the banking software of the bank remotely and used the login credentials of some members of staff of the bank, some of whom were on leave, to effect the illegal transfers.

Assistant Commissioner of Police (ACP) Dr Gustav Herbert Yankson, said on July 2, this year, the unit received a complaint about the fraudulent wire transfer and immediately alerted the banks where the money had been transferred to prevent withdrawals.

“We moved in and blocked the accounts into which the fraudulent wire transfers were made. This prevented the bank whose banking software was hacked from losing the money,” he explained.

The management of the bank, on detecting the fraud, also disabled the SWIFT server immediately to prevent further transfers, after which the banks involved were alerted to prevent withdrawals.

ACP Dr Yankson noted that in the last four months, the unit had received complaints of similar attacks against a number of banks in the country.

The incidence of attacks, he said, was usually on automated teller machine (ATM) networks, saying investigations had revealed that most of them occurred with the help of insiders (bankers).

ACP Yankson, therefore, advised banks to comply with the Bank of Ghana’s (BoG’s) cyber and information security directive and urged the central bank to strictly enforce the directive to forestall such attacks.