MANILA, Philippines – The National Bureau of Investigation-Cybercrime Division (NBI-CCD) on Friday, June 21, arrested a Manila Bulletin personnel and two others for alleged hacking of Facebook accounts, banks, and government websites.

The NBI said in a press statement that the arrests were made based on “numerous information regarding recent incidents involving multiple unauthorized access attempts and breaches of private and government websites.”

“To gather information crucial to identifying and apprehending the Subjects, NBI-CCD tracked the movements of the identified hacker known by aliases such as ‘kangkong’, ‘Mirasol’, ‘Sibat’, ‘Ricardo Redoble’, and ‘lulu’. Operatives likewise monitored online activities and gathered data from various sources like social media, forums, and public databases to establish patterns and connections linked to the hacker’s activities,” the press statement said.

Those arrested are a “data officer” from Manila Bulletin, a “cybersecurity researcher” from an unnamed company from BGC, and a “graduating student.” Though they were presented to the media during the NBI-CCD press conference on Friday, they were not identified and wore masks, dark glasses, hoodies, and caps.

The NBI said the hackers are members of the groups Pinoy LulzSec and Globalsec. The NBI has recommended charges against the hackers for violations of the Cybercrime Prevention Act of 2012 and the Data Privacy Act of 2012.

“Controlled viewing of the phone seized from one of the Subjects showed contained scripts and databases obtained from LGU and various government websites, as well as Facebook users’ credentials. Moreover, Subject Illusion’s phone contained data related to hacked banks including Philippine National Bank, Security Bank, Banco de Oro, and Union Bank,” the NBI said in its statement.

Jeremy Lontoc, chief of the Cybercrime Division, said during the press conference that the Manila Bulletin data officer pointed to his editor at the news daily in his extrajudicial confession.

“‘Yung isa po rito ay data officer ng Manila Bulletin. As a matter of fact, ang ina-allege niya base sa kanyang extrajudicial confession, ang may hawak sa kanya, at naguutos sa kanya mag-exploit ng mga system ay editor ng Manila Bulletin,” Lontoc said.

(One of them is a data officer from Manila Bulletin. As a matter of fact, he alleged, based on his extrajudicial confession, the one handling him and ordered him to exploit systems is an editor of Manila Bulletin.)

Lontoc said that the claims against the editor, whom he did not name, are under investigation.

It was the arrested Manila Bulletin data officer who named Art Samaniego Jr. as the editor described by Lontoc in his statements earlier. Samaniego is the technology editor and ICT head of the Manila Bulletin.

“Nakilala ko si sir Art during my Pinoy LulzSec days. I would send him details of my exploit. [I’ll] show him my proof of concept, para mapatunayan ako mismo ‘yung naghack at may hacking na nangyari,” the suspect said at the press conference.

(I met sir Art during my Pinoy LulzSec days. I would send him details of my exploit. I’ll show him my proof of concept, so I can prove that I did the hacking and a hacking took place.)

The suspect claimed that their engagements started in 2019, and that it was Samaniego who got him into Manila Bulletin. He alleged that Samaniego’s most recent request was for him to look for vulnerabilities in the 1Sambayan opposition coalition app.

“Nag-ask siya sa ‘kin kung puwede kong i-check ‘yung [1Sambayan app]…. ‘Check’ means look for vulnerabilities. Nakahanap po ako ng vulnerability, at na-pull ko ‘yung data ng volunteers,” the suspect said.

(He asked me if I could check the 1Sambayan app…. “Check” means look for vulnerabilities. I found a vulnerability, and pulled the data of the volunteers.)

The 1Sambayan app was hit by a data breach in June 2021.

Samaniego denied that he ordered the hacking accusations, as quoted by DZRH, saying, “The burden of proof is on the one who accuses.”

Rappler has also reached out to Samaniego. The Manila Bulletin published a statement on their Facebook page, saying, “We assure the public of Manila Bulletin’s utmost fidelity to the laws of the land.”

Samaniego is also a co-lead convenor for the group Scam Watch Pilipinas, and routinely appears in media interviews for matters relating to cybersecurity. – Rappler.com