The Directorate of Criminal Investigations (DCI) on Wednesday issued arrest warrants for 130 people in connection with electronic fraud of hacking into commercial bank systems.
In a notice in local dailies, DCI’s Economic Crimes Unit stated that the suspects had engaged in banking fraud between last June and January this year.
In one of the most recent cases, a hacker breached the inter-bank money transfer system to steal Ksh6.9 million from a bank in the first week of January.
The hack, targeting Pesa Link, has triggered a massive cybercrime investigation into the loss of billions of shillings.
Pesa Link facilitates real-time inter-bank transactions.
Sleuths believe the fraud happened between January 1 and 7 this year and benefited at least 50 people who are now at the centre of investigations.
“Hackers have stolen billions of shillings from innocent Kenyans. Financial institutions are suffering because of these suspects’ actions,” DCI George Kinoti told The Standard.
Police records show that financial institutions lost about Ksh17 billion to the fraudsters in 2016 and up from Ksh14 billion in 2015.
One of the methods used by hackers involves employees or former employees with intricate knowledge of dormant accounts from which money can be spirited out without detection, or even gaps in the system.
They skim off a little amount from these accounts without detection.
This grows into a tidy sum once skimmed from thousands of accounts.
Another racket entails gaining unauthorised access to the core banking system to make suspicious deposits and subsequent withdrawals from multiple accounts.
In another scheme, mobile money users receive an anonymous message on a certain transaction.
Once they click on a link provided, they unknowingly install a malware that harvests login information and passwords.
Hackers are then able to gain access to the account and empty it.