Philippine police and the FBI have arrested four people over a hacking operation that targeted customers of U.S. telecommunications giant AT&T to funnel money to a Saudi-based militant group.
Those arrested on Wednesday in Manila were paid by the same group the Federal Bureau of Investigation accuses of having funded the November 2008 attacks in Mumbai, the Philippines' Criminal Investigation and Detection Group (CIDG) said.
The hacking activity resulted in almost $2 million in losses incurred by AT&T, the CIDG said in a statement.
Police in the Philippines said money from the scams was diverted to accounts of a Saudi-based group that was not identified. India blames Pakistan-based Lashkar-e-Taiba for carrying out the attacks in Mumbai that killed 166 people.
FBI spokeswoman Jenny Shearer said hackers targeted customers of AT&T, not the carrier itself. She declined to give details, saying the agency does not discuss investigations.
Hackers broke into the phone systems of some AT&T customers and made calls to expensive international premium-rate services, according to a person familiar with the situation who was not authorized to discuss it publicly.
Such scams are relatively common, often involving bogus premium-service phone lines set up across Eastern Europe, Africa and Asia.
Fraudsters make calls to the numbers from hacked business phone systems or mobile phones then collect their cash and move on before the activity is identified. Telecommunications carriers often end up footing the bill for the charges.
Jan Rasmussen, a spokeswoman for AT&T, said it wrote off some fraudulent charges that appeared on customer bills. She declined to elaborate or comment on the $2 million figure.
Earlier this week, AT&T said it was investigating an attempt to access customer information but did not believe any accounts had been breached.
The CIDG said the FBI sought the help of its Anti-Transnational and Cyber Crime Division (ATCCD) in March after it found the Saudi-based group had targeted AT&T using the hackers.
Among the four people arrested was Paul Michael Kwan, 29, who ATCCD chief Police Senior Superintendent Gilbert Sosa said had been arrested in 2007 after the FBI began an international crackdown on groups suspected of financing militant activities.
Sosa said the Filipinos were being paid by a group originally run by Muhammad Zamir, a Pakistani arrested in Italy in 2007. He said Zamir was a member of Jemaah Islamiah, a Southeast Asian militant network with links to al Qaeda.
Zamir's group, later tagged by the FBI to be the financial source of the terrorist attack in Mumbai, India, on November 26, 2008, is also the same group that paid Kwan's group of hackers in Manila, Sosa said in the statement.
Last month, Philippine police said weak laws against cyber crime and poor technical capabilities had made the country an attractive base for organised crime syndicates involved in cyber pornography, cyber sex dens, illegal gambling, credit card fraud and identity theft.
(Reporting by John Mair in Manila and Jim Finkle in Boston; Editing by Nick Macfie and John O'Callaghan)