By Habeeb Ibrahim
Following reports of ₦160 million being allegedly diverted from the account of Nigerian influencer Martins Vincent Otse, popularly known as VeryDarkMan, a seasoned web developer, Jamiu Abiola Alapoowo, has weighed in on the controversy.
Alapoowo clarified that while websites can be compromised by hackers, such incidents typically cannot result in direct access to funds already stored in a bank account.
Reacting to VeryDarkMan’s claim that the funds were accessed “through the NGO’s website,” Alapoowo explained the role of payment gateways such as Paystack, Flutterwave, and others commonly used in Nigeria. “Hackers cannot directly access your bank account through your NGO’s website,” he stated. “What they can do is intercept or redirect ongoing transactions if the website is compromised.”
He emphasized that these payment gateways only facilitate donations and transfer funds to designated accounts, adding, “Once the funds are in your bank account, they are beyond the reach of the payment platform. If ₦160 million has been diverted, the bank’s security system needs to be scrutinized, not the website.”
BlackBox Nigeria earlier reported that VeryDarkMan had revealed ₦160 million of the ₦200 million donated to his NGO for community development was stolen. The donations included a substantial contribution of ₦100 million from music producer Don Jazzy. He claimed the hacking occurred through the organization’s website, which he likened to the NGO’s bank account.
While the incident remains under investigation, cybersecurity experts have urged caution in attributing such large-scale fund diversions solely to website vulnerabilities.
Donors and the public now await further clarification on how the alleged hack was carried out and whether recovery efforts are underway.
—
Jamiu’s Full Statement:
My name is Jamiu Abiola Alapoowo, and I am a web developer with 10 years of experience.
I understand your concern regarding the security of your NGO’s website and the reported unauthorized access to your funds. However, it’s important to clarify how payment systems work in this context.
Hackers cannot directly access your bank account through your NGO website. What they can potentially do is intercept or divert new or ongoing transactions if your website is compromised.
In Nigeria, we have several payment gateway providers, such as Paystack, Flutterwave, Korapay, Quickteller, and others. These services act as intermediaries, helping to process donations securely from your website and transferring the funds into your bank account. The specific provider used depends on the developer’s choice and the setup of your site.
For example, if Paystack is being used, it merely facilitates the donation process, allowing users to make payments via various methods. It only requires an API (not login details) to connect your website with Paystack, and you can only connect your account number with Paystack for money withdrawal. However, once the funds have been successfully transferred to your bank account, payment gateways like Paystack cannot retrieve or remove money from your account.
If your website is hacked, attackers may redirect payments to their own accounts, but they cannot access or withdraw funds already deposited into your bank account. To prevent such issues, it’s crucial to ensure your website has strong security measures in place.
Please check your bank. The fault is from there; someone has access to it.
I hope this explanation clarifies your concerns. If you need further assistance, feel free to reach out.
