Police arrest man over Microsoft cyberattack

The Nigeria Police Force has arrested a Nigerian, Okitipi Samuel, in connection with a cyberattack targeting Microsoft 365 users across several countries.

The Force Public Relations Officer, Benjamin Hundeyin, disclosed this on Thursday in Abuja while briefing journalists on the outcome of investigations conducted by the National Cybercrime Centre of the Nigeria Police Force.

Hundeyin said the case stemmed from a data breach involving Microsoft, in which cybercriminals gained unauthorised access to confidential customer information.

According to him, Microsoft, in collaboration with the Federal Bureau of Investigation and the United States Secret Service, launched an investigation that traced the activities of the suspects to Nigeria.

He said the National Cybercrime Centre, under its Director, Commissioner of Police Ifeanyi Abuche, commenced investigations alongside Microsoft, the FBI, the US Secret Service and the United Kingdom’s National Crime Agency.

He said, “This investigation commenced following credible intelligence received from Microsoft Office U.S.A through the FBI, indicating that a malicious phishing toolkit known as Raccoon0365 was being used to create fake Microsoft login portals, harvest user credentials, and unlawfully access the email accounts of corporate organisations, financial institutions, and educational establishments. The NPF-NCCC initiated a coordinated operation with Microsoft, the FBI, and the United States Secret Service.

“Between January and September 2025, several reports of unauthorised access to Microsoft 365 accounts were traced to phishing emails designed to mimic legitimate Microsoft login pages, enabling business email compromise, internal phishing, data breaches, and other cyber-enabled fraud.”

Hundeyin said digital forensic analysis and cryptocurrency tracing uncovered wallets connected to the illegal operation.

He disclosed that police operatives were deployed to Lagos and Edo states, leading to the arrest of three suspects identified as Joshua, James and Okitipi Samuel between September 20 and October 4, 2025.

He said, “Following an extensive digital forensics and technical intelligence analysis, the centre conducted cryptocurrency tracing that identified suspicious wallets connected to cash-out schemes.

“Acting on actionable intelligence, operational teams were deployed to Lagos and Edo States, resulting in the arrest of one Joshua, James and one Okitipi Samuel on September 20th, and October 4, 2025. Search operations at their residences led to the recovery of mobile devices, laptops, and other digital exhibits linked to the elaborate and fraudulent scheme.”

Hundeyin identified Okitipi Samuel, also known as “0365” and Moses Felix, as the principal suspect and developer of the phishing infrastructure.

He said investigations revealed that Samuel operated a Telegram channel used to sell phishing links in exchange for cryptocurrency and hosted fake Microsoft login pages using stolen or fraudulently obtained email addresses.

The police spokesperson added that further investigations showed that the identities of Joshua and James were used without their consent, stressing that there was no evidence linking them to the creation or operation of the phishing scheme.

There was no evidence linking them to the creation or operation of the phishing scheme. They were victims of identity theft,” he said.

Hundeyin said a prima facie case had been established against Samuel for offences including identity theft, unlawful access to computer systems, creation and distribution of malicious software, unauthorised interference with network data, and aiding and abetting fraud.

He said the suspect would be charged under relevant provisions of the Cybercrimes (Prohibition, Prevention, etc.) Act, 2024.

Hundeyin noted that the suspects would be prosecuted in Nigeria, adding that extradition could be considered if formally requested through appropriate legal channels.

He assured Nigerians that the police, under the leadership of the Inspector-General of Police, Kayode Egbetokun, would continue to protect the country’s digital ecosystem.

Also speaking, the Director of the National Cybercrime Centre urged Nigerians to practise good cyber hygiene, advising members of the public to be cautious when clicking on links or sharing personal information online.

He warned that indiscriminate clicking of links or responding to unsolicited emails could lead to unauthorised access to personal and corporate accounts, urging citizens to verify sources before taking action online.

culled from punch .