BHUBANESWAR: A hacker has allegedly transferred online Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS) funds to the accounts of several fake beneficiaries in Balangir district.The police have so far established the trail of nearly Rs 10 lakh that was transferred illegally. They suspect more funds may have been moved out in such a manner, but declined to reveal the name of the fraudster, saying it would alert him.Till now, the online transfer of MGNREGS funds allotted to the horticulture and forest departments has been unearthed. The police said the funds were transferred by hacking the nrega.nic.in web portal from where the department concerned transfers the amount directly to the beneficiaries.The horticulture and forest departments lodged complaints with the police after they discovered that funds had been transferred through an unknown person.Deputy director (horticulture) R K Das Mohapatra said two designated employees are involved for online payment of funds and the Digital Signature Certificate (DSC) of the employees are used as a security shield. “In this case, we are clueless about how the person managed to authenticate the DSC in two stages,” he said. “We suspect that the person has hacked the District Rural Development Agency website and managed to get the DSC authenticated to access the nrega.nic.in portal.” Mohapatra said they would approach the cyber cell if the hacker is not arrested soon.Police investigations have revealed the hacker opened fake bank accounts in SBI, Patnagarh. “We have evidence that the NREGS payment from the two departments has been transferred to accounts opened in Patnagarh SBI,” said additional superintendent of police (Balangir) Jugal Kishore Banoth. “The hacker somehow got his hands on the genuine voter ID cards of some persons and opened the bank accounts.”He said the card holders had been interrogated. “The card holders expressed ignorance about the accounts,” Banoth said. “We also matched their signatures with the ones that are available with the bank. But none of them matched.”He said the fraudster stole the login ID and passwords to access the website. “Involvement of some government employees cannot be ruled out,” he said.