4 suspects in December 2021 BDO hack charged
MANILA – Prosecutors have filed criminal charges against four suspects arrested by the National Bureau of Investigation (NBI) for hacking into hundreds of BDO Unibank Inc. (BDO) customer accounts in December last year.
In a message to reporters on Wednesday, Undersecretary for Justice and Spokesperson Emmeline Aglipay-Villar said the four – Jherom Anthony Taupa, Nigerian national Ifesinachi Fountain Anaekwe, Ronelyn Panaligan alias “Luka Hanabi” and Clay Revillosa alias “X-men” – have been charged with violations of Republic Act 8484 or the Regulation of Access Devices Act of 1998 and RA 10175 or the Prevention of Cybercrime Act of 2012.
A similar complaint against a second Nigerian national, Chukwuemeka Peter Nwadi, has been recommended for further investigation, she added.
The cases were filed by the NBI – Cybercrime Division (NBI-CCD) as part of several entrapment operations conducted on January 20 and 22 against the individuals allegedly behind the fraudulent transactions targeting account holders BDO.
Prosecutors found that Panaligan acted under the username “Luka Hanabi” on the “Max Bounty” Facebook page and sold fictitious accounts.
Acting as a “verifier”, Panaligan would pretend to conduct an investigation and ask victims for their photo IDs in exchange for PHP50 in prepaid credit to “participate in the investigation”.
Victims’ information and photographs, without their knowledge, would be used to apply for verified GCash or Paymaya accounts and after securing the debit cards, offer them for sale to other fraudsters seeking to withdraw funds from illegitimate sources.
Panaligan was arrested after offering for sale the cash machine that fraudulently requested a Paymaya account. There was even an agreement with the posing client that once the money was transferred to the account, he would share the proceeds of the fraudulent transaction.
It was discovered that Revillosa, a third-year student, was selling 800,000 mailing lists or email addresses containing online bank account login credentials for 30,000 PHP. Mailing lists are used in the preparatory stages of large-scale fraudulent activities.
In his affidavit, Revillosa said he hacked into the database of websites to get the mailing lists and was then contacted by the group that carried out the BDO heist.
Anaekwe, aka ‘Daddy Champ’ and Nwadi, according to the DOJ, are the masterminds behind the “Mark Nagoyo Group” and provided access devices such as bank accounts, crypto wallets or even point-of-sale terminals ( POS) from legitimate merchants to fraudsters. .
During the trap, “Daddy Champ” offered different company accounts that can be used to transfer 10 million PHP each. The company’s accounts serve as “deposit accounts” and were sold for PHP 2,000 each.
As for Nwadi, it was recommended that further investigation be conducted as to his direct involvement in the commission of the offence.
Apart from his presence during the entrapment operation, no other evidence has been provided by the plaintiffs as to his participation in the trafficking of unauthorized access devices.
Given these findings, prosecutors said additional evidence must be presented to determine if there is probable cause for his indictment, and in the meantime he will be released from custody.
Taupa was discovered to be selling “a ‘SCAMPAGE’ for PHP 2000. This is a phishing website which is an imitation of GCash webpage whose real site is hosted at https://www .gcash.com.
“SCAMPING” was used to harvest the login information, usernames, passwords and mobile personal identification numbers (MPINs) of unwitting victims who access them in the mistaken belief that they were accessing the GCash official portal.
It further provides access to victims’ GCash accounts in order to steal the funds stored there. (NAP)