Operatives of the Philippine National Police (PNP) Anti-cyber Crime Group (ACG) arrested six people allegedly responsible for hacking the system of American telecommunications giant AT&T, which caused the firm $24-million in losses.
PNP-ACG spokesperson Jhoanna Fabro identified the arrested suspects as Rosendo Catungal, Lani Diaz, Rommie Mondido, Elmer and Liezel Feolog, and Allan Villacrusis.
The six, along with three minors who were later turned over to the Department of Social Welfare and Development, were arrested in a series of raids in Manila, Malabon, Valenzuela and Rizal on Wednesday.
Catungal and Diaz were arrested in Tondo, Manila; Mondido in Malabon; Elemer and Liezel Feolog in Valenzuela City; and Villacrusis in Angono, Rizal.
PNP-ACG Chief Gilbert Sosa said the arrests stemmed from a complaint filed by Mark Zmigrodski, AT&T’s Global Fraud Management Organization manager.
Sosa said Zmigrodski reported that on February 2011, he started noticing large amount of unauthorized calling activity emanating from the Philippines using US-based business telephone systems known as “Private Branch Exchanges” or PBXs owned by clients of AT&T company.
“He initiated an investigation and started monitoring the calling activity of the intruding numbers to find out the extent of their activities from February 2011 to present. Consequently, he was able to prove and gather evidence of the intrusions over the AT&T long distance network perpetrated by an organized ring of several persons who have conspired to hack into PBX’s and use those PBX numbers as unauthorized access devices resulting in a significant loss to AT&T and its clients,” Sosa said.
The hackers operate by making outbound calls from their homes to international toll-free numbers in the US. When the calls get through, they dial the number of the target hacking victim.
“After dialing the targeted US telephone system, the hackers press touch tones (DTMF) on their telephone and illegally access the system in order to obtain free outbound calls,” Sosa said.
After obtaining free international telephone access, the syndicate would then use the hacked PBXs to dial high-cost international premium rate (revenue share) numbers which resulted in significant losses to AT&T and their corporate clients.
“The pattern of multiple calls with hacked PBX’s connected to their home phone lines provides probable cause that fraud is occurring from that residence. They then use the hacked PBX’s to dial high-cost international premium rate (revenue share) numbers,” he added.
The ACG chief said the illegal activity left a trail back to the hackers’ home numbers identifying the suspects.
Seized from the suspects were desktop computers, telephone sets, routers, assorted cellphones, documents, laptops, modems, assorted digital storage, identification cards, digital cameras, ATM cards, and printers.
The suspects are facing charges in violation to Republic Act 8484 or the Access Devices Regulation Act of 1998.