Okitipi Samuel, also known as Moses Felix, an international cybercrime syndicate has been arrested for allegedly being the developer behind the Raccoon 0365 phishing toolkit. The Nigeria Police Force National Cybercrime Centre (NPF-NCCC) announced the breakthrough on Thursday, December 18, after a year-long investigation involving the FBI, Interpol, and Microsoft’s Digital Crimes Unit.Raccoon 0365 operated as a Phishing-as-a-Service (PhaaS) model, allowing low-skilled criminals to rent sophisticated hacking tools for approximately $355 per month. Between January and September 2025, the toolkit was used to harvest over 5,000 Microsoft 365 credentials from 94 countries, targeting healthcare providers, financial institutions, and government agencies.The operation gained global attention for its ability to bypass Multi-Factor Authentication (MFA) using deceptive Cloudflare Turnstile CAPTCHAs to trick users into feeling secure. In September 2025, Microsoft successfully seized 338 domains linked to the infrastructure, leading investigators directly to the digital footprints of the developer in Nigeria.While three individuals were initially detained in Lagos and Edo states, police cleared two suspects Joshua and James, ruling that they were victims of identity theft, whose details were used by Samuel to register malicious infrastructure without their consent.Investigators used advanced blockchain forensics to trace cryptocurrency wallets used to sell phishing links on Telegram. Samuel allegedly managed a channel with over 850 members, receiving over $100,000 in digital payments.Despite the global scale of the crime and involvement of the FBI, Nigeria has opted to prosecute Samuel locally under the Cybercrimes Act, 2024, which carries a maximum sentence of 10 years for attacks on critical infrastructure.Force PRO Benjamin Hundeyin lauded the arrest as a testament to Nigeria’s growing digital sovereignty and technical capacity. The NPF-NCCC claims to have “cut the head off the snake”, by unmasking the developer rather than just the end-users, and also disabling a tool that was sending up to 9,000 malicious emails daily.Okitipi Samuel remains in custody and is to be arraigned in a Federal High Court by early January 2026. Meanwhile, Microsoft has begun a mass-notification process for the 5,000+ compromised account holders to reset their security protocols.
Police bust cult using WhatsApp channel ‘Red Chamber’ to recruit teens in Sokoto
Police in Sokoto, have arrested the leaders of a suspected cult group accused of using a WhatsApp group called the “Red Chamber” to recruit and initiate teenagers into their cult group.The crackdown, announced on Saturday, led to the arrest of three suspects, including the alleged mastermind, Usman Shu’aibu. The operation by the Anti-Kidnapping Unit exposes the new trend of digitalization adopted by criminal networks, to expand their reach and influence over the youth.The group, known locally as “Sai Malam,” operated discreetly across parts of Sokoto State. Investigators discovered that the WhatsApp group was central to their operations, promising secret powers and loyalty to new recruits.The suspects confessed to using the WhatsApp platform to initiate members remotely. Police described the strategy as an attempt to exploit impressionable young people who might be seeking belonging or protection.The breakthrough came Friday night when the Anti-Kidnapping Unit raided the group’s location. The Commissioner of Police, Ahmed Musa, framed the arrests as a response to public outcry regarding youth involvement in harmful secret societies.Police spokesperson Ahmed Rufai emphasized the need for parents to scrutinize their children’s digital footprint, stressing that social media is becoming a frontline for criminal manipulation. The police have launched a manhunt for fleeing members of the “Sai Malam” group, in order to restore law and order across the state.
Dangote and Otedola phones hacked, ransom demanded
The mobile phones of two of Nigeria’s wealthiest businessmen, Aliko Dangote and Femi Otedola, were reportedly compromised by hackers over the past week, with ransom demands made to both individuals, according to a report by TheCable. Sources confirm that cyber intruders gained access to the phones of Dangote, Africa’s richest man, and Otedola, seeking financial payment. Dangote experienced two separate breaches within a 48-hour period, while Otedola’s phone was breached once. As at the time this report was published, it remains unclear whether the businessmen have regained full control of their devices or the total extent of the data compromised. The nature and amount of the ransom requested by the hackers, as well as the precise information stolen, which may include highly sensitive financial, business, and personal data, have not been disclosed. Cybersecurity experts warn that such breaches could expose victims to severe financial and reputational risks.This incident follows similar high-profile cyberattacks in Nigeria. In 2024, phones belonging to state governors Bassey Otu of Cross River State and Ademola Adeleke of Osun State were also breached by scammers who impersonated the officials to solicit financial support. Cybersecurity experts urge individuals and organizations to strengthen their cybersecurity protocols and remain cautious against phishing attempts and other digital threats.
Kenyan authorities contain cyberattack targeting ministries and presidential site
The Kenyan government confirmed it successfully contained a cyberattack that temporarily disrupted and defaced multiple official websites across ministries on Monday, November 17. The attack, which affected access to public information and services, is suspected to have been carried out by a group identifying itself as PCP@Kenya. Cybersecurity teams intervened quickly and access to most affected platforms was restored by midday.The intrusion targeted domains across various ministries, including Interior, Health, Education, Energy, and Labour, along with the official president.go.ke website.During the outage, attempts by users to access affected sites were met with defaced pages displaying unauthorized, white supremacist messages and slogans, including “Access denied by PCP”, “We will rise again”, “White power worldwide”, and “14:88 Heil Hitler”.The State Department for Internal Security initiated an emergency digital response. Dr. Raymond Omollo, Chairman of the National Computer and Cybercrimes Coordination Committee (NC4), confirmed the situation was contained and warned that the intrusion violated the Computer Misuse and Cybercrimes Act and the Data Protection Act; Those found culpable shall face the full force of the law Meanwhile, key platforms such as the eCitizen portal, the National Transport and Safety Authority (NTSA), and the Judiciary remained operational during the incident.
Former Acces Bank manager arraigned for allegedly diverting $510,000
Obinna Nwaobi, a former Head of Operations at Access Bank Plc, has been arraigned before the Federal High Court in Enugu State on a nine-count charge that includes forgery and criminal diversion of $510,000 belonging to a bank customer. The arraignment, conducted by the Economic and Financial Crimes Commission (EFCC) on Thursday, saw the defendant plead not guilty to all charges. The court subsequently granted the defendant bail under conditions set at ₦250 millionThe EFCC investigation originated from a petition filed by the Access Bank on September 11, 2024, concerning unauthorized transfers from a corporate account belonging to Lantern Gate Nigeria Limited. The prosecution alleges that Nwaobi, while Head of Operations, authorized the movement of the $510,000 into six different accounts without the customer’s approval.The nine-count charge, heard by Justice F. O. Giwa-Ogunbanjo, alleges that Nwaobi’s actions contravene Section 1(b) of the Advance Fee Fraud and Other Fraud Related Offences Act, 2006, and included the forgery of a domestic funds transfer form.While the defense counsel sought bail on liberal terms, the EFCC counsel, Assistant Commander Mainforce Adaka Ekwu, vehemently opposed the application. The prosecution argued that the quality of evidence we have in our proof of evidence might put fear in him, and he might want to abscond.By pleading not guilty, the defendant formally denies the allegations of forgery and criminal diversion.The defendant was remanded at the Nigeria Correctional Service facility in Enugu pending the fulfillment of the bail conditions. The trial proper has been adjourned, and is scheduled to commence on March 10, 11, and 12, 2026.
Kenya Police arrest 3 Nigerians over alleged cyber fraud and illegal stay
Three Nigerians were arrested in Kenya by a joint operation team of police and immigration officers on Wednesday, November 12, over allegations of cyber fraud and illegal residency. The suspects, identified as Peter Chukwujekwu, Alazor Chukulute Sunday, and Nnalue Chiagozie Samwel, were apprehended at their hideout in Mwihoko village, Mwea East sub-county, following a tip-off from residents. Authorities recovered a cache of items linking them to a suspected cybercrime network, including 21 mobile phones, 79 SIM cards, 37 credit cards, and a Dell laptop.The operation was described by the Directorate of Criminal Investigations (DCI) as a well-coordinated multi-agency operation focused on dismantling a suspected cyber fraud ring.According to Kirinyaga County Criminal Investigations Officer (CCIO) Justus Imana, the recovered items suggest the trio was involved in a sophisticated fraud network. Authorities also recovered seven foreign currencies and items suspected to be used for witchcraft. Investigations revealed that the suspects had overstayed their visas and were in the country illegally, with their entry passes having expired. One individual reportedly arrived as early as 2021.The arrests were made after residents raised concerns over suspicious movements and late-night activities at the rented apartment where the Nigerians were operating.The three suspects are currently in police custody and are scheduled to be arraigned in court today, Thursday, November 13. Investigators are continuing to trace possible connections between the suspects and cross-border cybercrime syndicates.The arrests come a year after Kenya deported seven other Nigerians over allegations including drug trafficking, money laundering, and online fraud. Kenyan authorities have urged any potential victims of the suspects’ fraud activities to come forward for identification.