Security News > 2021 > July > Dutch Police Arrest Two Hackers Tied to "Fraud Family" Cybercrime Ring
Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation.
Believed to be active since at least 2020, the cybercriminal syndicate has been codenamed "Fraud Family" by cybersecurity firm Group-IB. The frameworks come with phishing kits, tools designed to steal information, and web panels, which allow the fraudsters to interact with the actual phishing site in real time and retrieve the stolen user data.
"The phishing frameworks allow attackers with minimal skills to optimize the creation and design of phishing campaigns to carry out massive fraudulent operations all the while bypassing 2FA," Group-IB Europe's Roberto Martinez, senior threat intelligence analyst, and Anton Ushakov, deputy head of the high-tech crime investigation department, in a report, adding the gang "Advertises their services and interacts with fellow cybercriminals on Telegram messenger."
Infections involving Fraud Family commences with an email, SMS, or WhatsApp message impersonating well-known local brands containing malicious links that, when clicked, redirect the unsuspecting recipient to adversary-controlled payment info-stealing phishing websites.
In an alternative attack scenario, the fraudsters were observed posing as a buyer on a Dutch classified advertising platform to contact a seller and subsequently move the conversation to WhatsApp to trick the latter into visiting a phishing site.
Group-IB researchers noted the "High level of personalization" offered by the phishing websites, which not only impersonate a legitimate Dutch marketplace, but also claim to use a well-known e-commerce payment system in the country, only to lead the victim to a fake bank webpage from where the credentials are siphoned based on the bank selected.
News URL
Related news
- Police shuts down Manson cybercrime market, arrests key suspects (source)
- Police shuts down Rydox cybercrime market, arrests 3 admins (source)
- Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus (source)
- Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41 (source)
- INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled (source)
- INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million (source)
- Russia arrests one of its own – a cybercrime suspect on FBI's most wanted list (source)
- Police seizes largest German online crime marketplace, arrests admin (source)
- Cybercrime gang arrested after turning Airbnbs into fraud centers (source)
- Police arrest suspect in murder of UnitedHealthcare CEO, with grainy pics the only tech involved (source)