Muhammad Basheer HotoroThe Nigeria Police Force has arrested a Nigerian man, Okitipi Samuel, over his alleged involvement in a global cyberattack targeting Microsoft 365 users.
International Investigation
Police spokesperson Benjamin Hundeyin said the arrest followed investigations by the National Cybercrime Centre, working with Microsoft, the FBI, the US Secret Service, and the UK National Crime Agency.
How the Hack Worked
Investigators found that a phishing tool called “Raccoon 0365” was used to create fake Microsoft login pages. These fake portals were used to steal user login details and gain access to email accounts of companies, banks, and schools across several countries.
Timeline of the Cybercrime
Between January and September 2025, many Microsoft 365 users reported unauthorised access to their accounts. The attacks led to email compromise, data theft, and other online fraud.
Arrests and Seizures
Police tracked cryptocurrency wallets linked to the fraud and arrested three suspects—Joshua, James, and Okitipi Samuel—in Lagos and Edo states between September 20 and October 4, 2025. Devices such as laptops and mobile phones were recovered.
Key Suspect Identified
Hundeyin said Okitipi Samuel, also known as “0365” and Moses Felix, is believed to be the main suspect and the developer of the phishing system used in the attacks.
