The Nigeria Police Force has arrested Okitipi Samuel, a Nigerian national accused of developing and operating a sophisticated phishing toolkit known as "RaccoonO365" (also referred to as "Raccoon 0365"), used to target Microsoft 365 user credentials worldwide.
Force Public Relations Officer CSP Olumuyiwa Hundeyin announced the arrest during a media briefing in Abuja on Thursday, detailing the findings of an investigation led by the National Cybercrime Centre (NPF-NCCC) under Director Commissioner of Police Ifeanyi Uche.
The probe was launched in collaboration with Microsoft, the U.S. Federal Bureau of Investigation (FBI), the U.S. Secret Service, and the U.K.'s National Crime Agency, following intelligence from Microsoft via the FBI about the malicious toolkit.
"RaccoonO365" enabled the creation of fake Microsoft login portals to steal credentials, leading to unauthorized access of email accounts at corporations, financial institutions, and educational organizations across multiple countries.
From January to September 2025, numerous incidents of Microsoft 365 breaches were linked to phishing emails mimicking official login pages, facilitating business email compromise, data theft, and fraud.
Digital forensics and cryptocurrency tracing pinpointed suspicious wallets tied to the scheme. Police raids in Lagos and Edo states between September 20 and October 4, 2025, resulted in the arrests of three individuals: Joshua, James, and Okitipi Samuel. Devices and digital evidence recovered from their homes were linked to the operation.
Further analysis identified Samuel, also known by aliases "0365" and Moses Felix as the primary developer and operator.
He allegedly ran a Telegram channel selling phishing links for cryptocurrency and hosted fake pages on Cloudflare using fraudulently obtained emails.
Samuel is accused of stealing the identities of the other two arrestees without their knowledge to register accounts for the scheme.
"There was no evidence linking [Joshua and James] to the creation or operation of the phishing scheme. They were victims of identity theft," Hundeyin stated.
A prima facie case has been established against Samuel for offenses including identity theft, unauthorized computer access, malware distribution, network interference, and aiding fraud.
He will face charges under the Cybercrimes (Prohibition, Prevention, etc.) Act, 2024.The arrest follows Microsoft's earlier disruption of related infrastructure in September 2025, highlighting ongoing international efforts to combat phishing-as-a-service operations.
Hundeyin urged the public to exercise caution with online links and personal information to bolster cyber hygiene.
Click to signup for FREE news updates, latest information and hottest gists everyday
Advertise on NigerianEye.com to reach thousands of our daily users
No comments
Post a Comment
Kindly drop a comment below.
(Comments are moderated. Clean comments will be approved immediately)
Advert Enquires - Reach out to us at NigerianEye@gmail.com