EXPERTS UGANDA How hackers stole billions from Airtel Money in Uganda 4 months ago Szarlot Post Views: 290 New details have emerged about how black hats used the website of a gaming platform in Uganda to plunder money from the systems of Airtel Mobile Commerce Uganda Limited (AMCUL). While the licensed betting firm’s website prides itself on making “use of standard encryption to protect the data of its users”, this publication has been reliably informed that cybercriminals used it as a gateway to AMCUL’s digital systems. After tweaking AMCUL’s software to approve every transaction that came along, the hackers drained its central systems of just under Ush8 billion in a meticulously planned operation. The hack affected a number of banks and microfinance deposit-taking institutions operating in Uganda. This publication understands that one of the microfinance deposit-taking institutions opened an official complaint with Cyber and Counter Electronic Measure Desk at Criminal Investigations Directorate (CID) headquarters in Kibuli, Kampala. Black box attack Initial investigations indicate that the hackers found a neat workaround AMCUL’s systems via the betting firm, whose name we have chosen to withhold. Punters who use the gaming platform to load virtual bet slips stake bets only after crediting their accounts with mobile money on Airtel or MTN. The attack CID detectives told this reporter that when the black hats accessed AMCUL’s systems via one of its clients—the betting firm we have chosen not to name—they launched what is known in the hacking underworld as a black box attack. Multiple accounts of banks and micro-finance institutions bore the brunt of the ‘jackpotting’ with money mules acting on behalf of the black hats receiving mobile money from the hack. This publication understands that 1,840 registered and preregistered SIM cards were readied for big withdrawals. Sources tell us that the hackers had completed transactions on 1,800 of the SIM cards before the daring raid was stopped in its tracks. In a statement, Airtel Uganda said the “incident did not impact any Airtel Money or bank balances.” It added that “our platform is secure and built to world-class specifications to give our Airtel Money customers an instant, safe and secure experience.” Our attempts to talk to the top brass of the betting firm were unsuccessful. When we sounded out what we were led to believe is the firm’s chief executive, he told us that he severed ties with the company last month. His response was so terse that we were unable to establish whether he left in the aftermath of the black box attack on AMCUL’s digital systems. The daring raid on AMCUL’s digital systems took place on October 28. CID response Our sources tell us that officials from the betting firm in the eye of the storm will be probed at the start of the new workweek on Monday. This is as investigators attempt to get to the bottom of the Ush7.6 billion hack. AIGP Tom Magambo, the CID director, couldn’t be drawn into whether this is a lead the police are exploring. He, nevertheless, told this publication via telephone that the investigation into the hack is gaining traction. “We do take any reported incident very seriously, especially on investigations with dubious ways that affect our society. We can assure you that we shall take all the necessarysteps to complete this investigation.” AIGP Magambo also told this publication that CID detectives will share findings from any watertight lead with the Director of Public Prosecutions to recommend sanctions. While sources at the CID headquarters told us that some arrests have been made, AIGP Magambo declined to divulge any information. “I’m not aware of any arrests, and I don’t have any information about it,” – he tersely said. Airtel statements CID detectives close to investigations into the hack told this reporter that AMCUL’s top brass was recently summoned to the CID headquarters in Kibuli. We understand that the entity’s top officials made statements in regard to the hack. Cyber attacks Cyber attacks have in recent times grown in their frequency and ferocity. Already, UGAFODE Microfinance Limited—a Uganda-based micro deposit-taking institution—lost Ush400 million to black hats this year. In fact, the police registered 10,057 economic crimes from private sector fraud in 2020. Obtaining money by false pretense was the highest crime reported under this category in 2020. It was followed by forgeries and cyber-related crimes in that order. Source: thecitizen.co.tz About Post Author Szarlot I am a fan of casino games especially roulette and blackjack. After that I analyze current events in the gambling industry. See author's posts SzarlotI am a fan of casino games especially roulette and blackjack. After that I analyze current events in the gambling industry. Facebook Twitter LinkedIn Email Print Tags: Airtel, cyber attack, mobile money, Uganda Continue Reading Previous Tanzania: Which way betting? The big debateNext Eventus International to Cover South, East & West Africa in 2023 More Stories EXPERTS The future of sports betting: AI-powered predictive analytics 4 hours ago Samuel EXPERTS WORLD NEWS What does the UK’s involvement look like in African business today? 1 day ago Szarlot EXPERTS NIGERIA GamStop And Responsible Gambling in Nigeria 1 day ago Szarlot EXPERTS KENYA KRA gains more from gaming and betting collections 1 day ago Iwo Bulski EXPERTS KENYA Betting firms inflating sponsorships to avoid taxes 1 day ago Szarlot EXPERTS NIGERIA Is the Cryptocurrency Noise in Nigeria Gradually being Silenced? 2 days ago Samuel EXPERTS KENYA Kenyan Govt Invites Public Submissions in the Creation of National Lottery 2 days ago Szarlot EXPERTS KENYA Naira Marley advises Muslims to forget betting during Ramadan 3 days ago Samuel EXPERTS WORLD NEWS Record 2022 numbers for Playtech 6 days ago Iwo Bulski BETTING EXPERTS Is Long-Term Betting a Smart Investment Strategy? 1 week ago Szarlot EXPERTS GHANA Casino Industry in Ghana Compared to South Africa 1 week ago Szarlot EXPERTS KENYA The Future of Online Lotto Payments: Cryptocurrencies and Digital Wallets 1 week ago Szarlot Leave a Reply Cancel replyYour email address will not be published. Required fields are marked *Comment * Name * Email * Website Save my name, email, and website in this browser for the next time I comment. Δ This site uses Akismet to reduce spam. Learn how your comment data is processed.