Uganda: Thieves Use 2,000 SIM Cards to Rob Banks

By Andrew Bagala

Fraudsters who hacked into the mobile money system and fleeced two banks of billions of shillings used about 2,000 mobile phone numbers to execute the scam, Daily Monitor has learnt.

After hacking into the mobile money payment system, the hackers digitally instructed the banks to transfer billions of shillings to telecommunication companies, which in turn remitted the money to the different SIM cards that were seeking payment across the country, just a few hours before the crime was detected at the weekend.

MTN, Airtel, Stanbic Bank and Bank of Africa temporarily suspended their mobile money services after detecting the scam and have since involved police to investigate the crime.

In a joint statement released on Monday, signed by MTN, Airtel and Stanbic Bank chiefs, they said there had been a system incident in which hackers accessed systems of a third party service provider (Pegasus Technologies) thus impacting all mobile money or wallet transactions.

“… the system incident has had no impact on any balances on both bank and mobile money accounts,” the joint statement read in part.

The CID spokesman, Mr Charles Twiine, confirmed police had commenced investigations into the hacking.

“We shall establish whether the unauthorised access caused any losses,” Assistant Superintendent of Police Twiine said yesterday, but declined to give further details on the case.

Banks and telecoms are interlinked through aggregators. Uganda has around six aggregators including Pegasus.

Aggregators facilitate a transaction from the bank to the phone such as buying airtime or paying school fees. Similarly aggregators facilitate operations such as sending money across networks.

MTN has an account at Airtel and vice versa. In between is Pegasus which facilitates transactions across the two telecoms.

When money is being transferred from MTN to Airtel, it is debited from a customer’s account and deposited with MTN. Pegasus then technologically reaches out to Airtel and instructs the MTN account at Airtel to pay the Airtel subscriber.

According to sources close to the investigations, the criminals started their scheme mid last year when they registered hundreds of SIM cards under corporate or company names.

They scaled the registration of SIM cards at the start of the lockdown in March before the Uganda Communications Commission suspended that category of registration in July.

It is alleged that the criminals hacked into the systems of Pegasus Technologies, a transaction aggregator, and sent orders to Bank of Africa and Stanbic Bank to send money to about 2,000 SIM cards of purported mobile money users starting Monday last week.

The banks accepted the digital requests as they appeared genuine.

A source familiar with the investigations said Bank of Africa officials were the first to detect the fraud and halted mobile money transactions by Thursday.

But Stanbic Bank reportedly continued allowing their electronic money transactions to MTN and Airtel mobile money accounts.

The criminals continued using these SIM cards to withdraw money from different agents across the country last Saturday.

Sources said Stanbic Bank detected the fraud late at the weekend and informed MTN and Airtel who promptly suspended all mobile money transactions.

The sources said the telecommunication companies are now investigating their agents who registered the SIM cards to identify the culprits and understand how the scam was nurtured and executed.

Mr Wim Vanhelleputte, the MTN chief executive officer, said: “Customer operations are not at all affected. We will do everything possible to recover including support from police.”

Mr Arthur Isiko, the managing director of Bank of Africa, said customer money was intact and instead referred us to Pegasus for further comment.