The Nigeria Police Force has announced the arrest of a suspect, Okitipi Samuel, in connection with an alleged cyberattack on the database of multinational technology company Microsoft. The Force Public Relations Officer, CSP Benjamin Hundeyin, disclosed this on Thursday, December 18, 2025, in Abuja while briefing journalists on the outcome of investigations conducted by the National Cybercrime Centre of the Nigeria Police Force.
Hundeyin said the investigation, led by the centre’s Director, Commissioner of Police Ifeanyi Uche, was carried out in collaboration with Microsoft, the Federal Bureau of Investigation, the United States Secret Service, and the United Kingdom’s National Crime Agency. According to him, investigators uncovered the use of a phishing toolkit known as Raccoon 0365, which was designed to create fake Microsoft login pages to steal user credentials and gain unauthorised access to email accounts belonging to corporate organisations, financial institutions, and educational establishments across several countries.
He explained that the probe began after Microsoft, through the FBI, provided credible intelligence indicating that the phishing toolkit was being deployed to harvest login details and compromise Microsoft 365 accounts. Hundeyin said that between January and September 2025, multiple cases of unauthorised access to Microsoft 365 accounts were traced to phishing emails that imitated legitimate Microsoft login portals. These attacks reportedly enabled business email compromise, internal phishing, data breaches, and other cyber-related fraud.
He added that digital forensic analysis and cryptocurrency tracing led investigators to wallets linked to the illegal operation. Based on actionable intelligence, police operatives were deployed to Lagos and Edo states, resulting in the arrest of three individuals identified as Joshua, James, and Okitipi Samuel between September 20 and October 4, 2025. Searches conducted at their residences led to the recovery of mobile phones, laptops, and other digital devices connected to the scheme.
Hundeyin identified Okitipi Samuel, also known as Moses Felix and “0365,” as the main suspect and developer of the phishing infrastructure. He said Samuel operated a Telegram channel used to sell phishing links in exchange for cryptocurrency and hosted fraudulent login pages on Cloudflare using stolen or illegally obtained email addresses. The police spokesperson added that investigations showed Samuel had unlawfully used the email details of one of the arrested individuals without consent to register some of the accounts used in the operation.
Further findings revealed that Joshua and James were victims of identity theft, as their identities were used without their knowledge. Hundeyin said there was no evidence linking them to the creation or operation of the phishing scheme. He said a prima facie case has been established against Samuel for identity theft, unlawful access to computer systems, creation and distribution of malicious software, unauthorised interference with network data, and aiding and abetting fraud. The suspect will be charged under relevant provisions of the Cybercrimes (Prohibition, Prevention, etc.) Act, 2024.
Hundeyin stated that the suspect will be prosecuted in Nigeria, noting that while the country has the capacity to enforce its cybercrime laws, extradition could be considered if formally requested through due process. He assured the public that the police, under the leadership of the Inspector-General of Police, Kayode Egbetokun, remain committed to safeguarding Nigeria’s digital space and urged citizens to practise good cyber hygiene.
Speaking separately, the Director of the National Cybercrime Centre, CP Ifeanyi Uche, also cautioned Nigerians to be vigilant online. He advised the public to avoid clicking on links from unknown or unexpected sources, warning that such links often contain malware or phishing tools designed to compromise devices and personal data. Uche further warned that responding to unsolicited emails or indiscriminately clicking links could lead to unauthorised access to personal and corporate accounts, urging Nigerians to verify sources before taking any action online.
Source: https://m.lindaikejisblog.com/
