Computer hacker Taweesap Lalitsasiwimon, 34, hides his handcuffs in a sheet of cloth after being arrested yesterday for breaking into the computer system of mobile-phone operator AIS.

A Thai man whose previous hacking crime earned him an entry in a book on the world's wittiest thefts has been accused of causing damage totalling more than Bt100 million to two local telecom firms.

Advanced Info Service Plc (AIS) lodged a complaint with police last month that it suffered losses of Bt8 million after an unidentified hacker got into its computer system and manipulated airtime allowances granted to AIS pre-paid cellphone users.

Two years ago, True Corp Plc, which operates Orange cellphone services, lost more than Bt105 million in a similar sting.

Police investigations have pinpointed the same hacker: Taweesap Lalitsasiwimon, 34, who is also known as Phumipat.

At the time he allegedly broke into AIS's system, Taweesap was on bail pending a review by public prosecutors on his alleged hacking into the Orange network.

The suspect, a graduate from Ramkhamhaeng University's Faculty of Political Science, denied any wrongdoing. "After his graduation, he had no permanent job," Crime Suppression Division deputy commander Colonel Kowit Wongrungroj said yesterday.

Armed with an arrest warrant, the Crime Suppression Division (CSD) yesterday raided Taweesap's apartment. He was found to have two computer notebooks, hard disks, three cellphones, phone cards, bank passbooks, ATM cards, SIM cards and a book titled "Plon Yiab Mek" - a compilation of the world's wittiest thefts, including Taweesap's hacking into the Orange network.

The book was a Thai translation of an English edition. Other crimes featured in this book included a 2005 bank robbery in Brazil, in which robbers dug a 200-metre tunnel into the bank and made off with a huge amount of cash.

Taweesap faces charges of faking documents and using those documents in the AIS case.

Kowit said Taweesap had dazzling computer skills and managed to hack into the telecom giant's network in less than 10 minutes.

"Other telecom operators can come forward if they have faced problems likely to have been caused by this suspect," the police colonel said.

Pol Lt Col Wiwat Kamcham-narn, a deputy superintendent at the CSD and chief investigator for the AIS case, said his team had traced Taweesap after locating the owner of a SIM card suspected of earning airtime allowances through manipulation.

"The owner bought the SIM card from Taweesap," Wiwat said.

He said after getting this clue, his team tried to check Taweesap's IP address.

"At first, it seemed like he had hacked into the system via Internet cafes because he used various SIM cards and Internet connections by many service providers. However, we used advanced technology and finally nailed him," he said.

Wiwat declined to disclose the technology used in the investigation.

According to an informed source, Taweesap and his accomplices broke into the Orange computer network together. But he allegedly operated alone when he hacked into the AIS system.

The source said after Taweesap broke into the AIS system, he illegally modified information on the pre-paid call cards and airtime allowances. For example, an airtime allowance worth Bt100 was changed to Bt1,000. The number of pre-paid call cards was also modified.

Taweesap announced the sale of cheap airtime allowances via pop-up ads on the Internet. Interested customers were asked to transfer money to a bank account before they got passwords for the cheap airtime via SMS.

One computer expert said it was not too difficult for an expert to hack into a network system.

"There are hacking guidelines and even hacking programmes available on the Internet," he said on condition of anonymity. He said he would be able to hack into computer systems too, but he never thought about doing it.

He said system administrators should keep checking their systems to prevent hacking and to improve anti-hacking measures all the time.

Wisit Chuanpipatpong

Mayuree Sukyingcharoenwong

The Nation