PNP anti-cyber crime group arrests hackers of US-based AT&T telephone company

SHUTTERSTOCK IMAGE

MANILA — Responding to a complaint filed by AT&T Telecom Company based in the United States last month, the PNP Anti-Cybercrime Group successfully arrested telecom fraudsters based in the Philippines behind the more than USD24 million dollars losses of the said company and their corporate clients since 2011.

Sr. Supt Gilbert C. Sosa, Director of the PNP Anti-Cybercrime Group, said Thursday that three teams were formed to hunt these fraudsters resulting in the arrest of six suspects on Wednesday including the top recipients of payments (in dollars) from hacking activities. The team also rescued three minors who were turned over to the Department of Social welfare and Development (DSWD).

Sosa said authorities recovered from the suspects desktop computers, telephone sets, routers, assorted cellphones, assorted documents, laptops, modems, assorted digital storage, digital cameras, assorted identification cards, ATM cards, and printers.

Sosa revealed that the operation stemmed from the complaint last July of American Mark Zmigrodski, manager of AT&T’s Global Fraud Management Organization, requesting for police assistance, investigation and arrest of persons involved in telephone hacking in the country.

Sometime in February 2011, Zmigrodski said he noticed a large amount of unauthorized calling activity originating from the Philippines that were hacking into US based business telephone systems known as “Private Branch Exchanges” or “PBX’s” which are owned by clients of AT&T.

He initiated an investigation and started monitoring the calling activities of the intruding numbers to find out the extent of their activities during the period February 2011 to present. Consequently, he was able to prove and gather evidence of the intrusions over the AT&T long distance network perpetrated by an organized ring of several persons who have conspired to hack into PBX’s and use those PBX numbers as unauthorized access devices resulting in a significant loss to AT&T and its clients.

In this type of “hacking,” the hacker makes outbound calls from their homes and/or mobile phone and dials into the target telephone systems in the US. They may do this directly through an international toll-free number or by looping through numerous phone systems to reach their target hacking victim. After dialing the targeted US telephone system, the hackers press touch tones (DTMF) on their telephone and illegally access the system in order to obtain free outbound calls.

In doing so, the hacker may also place a test call to another line that he/she has in their residence to verify that they have international dialing capabilities and to note which phone number of the phone system the call is coming from. The pattern of multiple calls with hacked PBX’s connected to their home phone lines provides probable cause that fraud is occurring from that residence. They then use the hacked PBX’s to dial high-cost international premium rate (revenue share) numbers. This activity resulted in a significant loss to AT&T and their corporate customers and in its wake, leaves a trail back to the hacker’s home numbers identifying the hackers involved.

Sosa said cases for violation of Republic Act No. 8484 (Access Devices Regulation Act of 1998) will be filed against all the arrested suspects including the three minors who were assisted by their parents and representative from the DSWD Manila.

In addition, violation of Section 4, Paragraph 4 of RA 10364 (Anti-Trafficking in Persons Act of 2012) is being readied against apprehended suspect Allan Villacrusis while a case for violation of RA 10591 (An Act Providing for a Comprehensive Law on Firearms and Ammunition and Providing Penalties for Violations Thereof) is being readied against suspect Rommie Mondido.

Sosa added that the PNP Anti-Cybercrime Group on the instruction of the Chief PNP will continue to focus operation on transnational organized cybercrime groups.