Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was involved in online fraud, money laundering, drug trafficking, and property crime, netting the gang about €10 million in illegal proceeds in just a year. "The suspects defrauded hundreds of victims through phishing attacks and other types of online fraud such as SIM swapping and business email compromise before laundering the money through a wide network of money mules and shell companies," Europol said in a statement published today.
Another alleged member of the TrickBot gang has been apprehended, this time when trying to leave South Korea, according to published reports.His arrest was the result of an investigation U.S. authorities began into TrickBot during his time in South Korea after the botnet was used "To facilitate ransomware attacks across the US throughout 2020," according to the report.
The operators of the Mozi IoT botnet have been taken into custody by Chinese law enforcement authorities, nearly two years after the malware emerged on the threat landscape in September 2019. "Mozi uses a P2P network structure, and one of the 'advantages' of a P2P network is that it is robust, so even if some of the nodes go down, the whole network will carry on, and the remaining nodes will still infect other vulnerable devices, that is why we can still see Mozi spreading," said Netlab, which spotted the botnet for the first time in late 2019.
A Tallinn man was arrested a week ago in Estonia under suspicion that he has exploited a government photo transfer service vulnerability to download ID scans of 286,438 Estonians from the Identity Documents Database. "During the searches, investigators found the downloaded photos from a database in the person's possession, along with the names and personal identification codes of the people," Oskar Gross, head of the police's cybercrime unit, said.
Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. Believed to be active since at least 2020, the cybercriminal syndicate has been codenamed "Fraud Family" by cybersecurity firm Group-IB. The frameworks come with phishing kits, tools designed to steal information, and web panels, which allow the fraudsters to interact with the actual phishing site in real time and retrieve the stolen user data.
Authorities in the Netherlands have arrested a 24-year-old believed to be a developer of phishing frameworks for a cybercrime ring named "Fraud Family." According to the Dutch National Police, the man worked together with a 15-year-old accomplice to develop and sell phishing panels that allowed cybercriminals to steal banking credentials from unsuspecting users.
Law enforcement authorities with the Interpol have apprehended a threat actor responsible for targeting thousands of unwitting victims over several years and staging malware attacks on telecom companies, major banks, and multinational corporations in France as part of a global phishing and credit card fraud scheme. The cyber attacks involved deploying a phishing kit consisting of web pages that spoofed banking entities in the country, followed by sending mass emails mimicking the targeted companies, prompting email recipients to enter login information on the rogue website.
The troika was wanted for allegedly operating a bank-raiding crimeware "Service" known as Gozi, based on zombie malware that used a technique known as HTML injection to trick victims into revealing personal information relating to their on-line banking. But if you can plant malware on the victim's PC, you can use what's known as an MiTB attack, or "Manipulator in the browser".
The Clop ransomware operation is back in business after recent arrests and has begun listing new victims on their data leak site again. While the Clop operation laid low for about a week, the ransomware gang has sprung back into action yesterday after releasing the data for two new victims on their ransomware data leak site.
Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019. The ransomware attacks amount to $500 million in monetary damages, the National Police said, noting that "Law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalizing criminally acquired cryptocurrencies."