The National Bureau of Investigation arrested three individuals for allegedly hacking into the social media accounts and websites of several government agencies and banks.
NBI Cybercrime Division Chief Jeremy Lotoc said the suspects admitted to exploiting and defacing the platform of online payment gateway Dragonpay before moving on to “Pinoy LulzSec” —a hacking group responsible for defacing hundreds of Philippine websites, including that of the Armed Forces of the Philippines, Philippine Army, Philippine Navy, and the National Security Council.
One of the arrested individuals was identified as a data officer working for the Manila Bulletin.
The suspect claimed he hacked some of the websites under the instruction of Manila Bulletin IT Editor Art Samaniego so that he can allegedly use it as content for his column and social media platforms.
The NBI said it was also preparing to file a case against Samaniego, who denied all the allegations.
The suspect said Samaniego began giving him instructions on which websites to hack in 2019, after he was hired by the Manila Bulletin.
The suspect said one of the last instructions he got from Samaniego was to hack the online application of the 1Sambayan political coalition.
Lotoc said they would give Samaniego the opportunity to answer all the allegations against him.
The Manila Bulletin also issued a statement regarding the incident.
“As a responsible corporate citizen, the Manila Bulletin adhered to the laws of the land and requires its employees to be law abiding. We expect our employees to be accorded their rights. We assure the public of Manila Bulletin’s utmost fidelity to the laws of the land,” the company said.
The other two suspects were a cybersecurity researcher working for a major company with an office in BGC and a graduating student from an undisclosed university in the Philippines.
Lotoc said the agency has been tracking these individuals since 2016.
He said they were still minors at the time and members of a group of international independent hacktivists calling themselves “Global Security Hackers.”
Lotoc added the suspects were also the same threat actors who defaced the University of Santo Tomas (UST) Hospital website as a protest against a doctor who allegedly refused the admission of a woman who was about to give birth but could not pay the P20,000 security deposit.
The NBI also presented two other hackers who were arrested Thursday night for selling compromised GoTyme accounts.
“What’s worrisome based on what we’ve seen is that ‘aka Illusion,’ one of the hackers presented here, we saw in his device through control viewing, user account credentials for banks – PNB, BDO, Unionbank, and even Security Bank,” Lotoc said.
The NBI will be verifying with the involved banks whether or not these credentials are genuine since cybercriminals use accounts with fake user information in their exploits.
Lotoc added the data stolen by these individuals were either sold on hacking marketplaces and forums to organized cybercrime groups, used as bragging rights by individuals who aim of joining hacking organizations, or act as a bargaining chip in exchange of malicious scripts. With Darwin Amojelar
Editor’s Note: This is an updated article. Originally posted with the headline “NBI nabs 3 for hacking online platforms of gov’t agencies.”