Brazil Launches ‘Operation Redirect’ To Combat Malware Distribution
Read also: A money launderer for the Lazarus hackers arrested in Argentina, US offers $2.5M for the Angler hacker, and more.
Thursday, August 29, 2024
Brazil launches ‘Operation Redirect’ to combat illegal online music services and malware
Brazilian law enforcement authorities have launched an effort codenamed ‘Operation Redirect’ to fight digital piracy and cybercrime. The operation, supported by the International Federation of the Phonographic Industry (IFPI) and Pro-Música Brasil, is the first of its kind in Brazil to specifically target illegal websites linked to malware distribution.
Operation Redirect has led to the identification and shut down of eight websites that were sharing unauthorized music content while exposing users to malware and viruses.
The websites, which include illegal linking music sites, stream-ripping platforms, and torrent search engines, collectively received over 12 million visits in Brazil over the past year.
The operation was carried out by the Ministry of Justice and Public Security through the Cyber Operations Laboratory (CIBERLAB) of the Directorate of Integrated Operations and Intelligence (DIOPI/SENASP), as well as the Civil Police of Bahia, Mato Grosso, and Pernambuco.
Man tied to North Korean Lazarus group arrested in Argentina for money laundering
The Argentine Federal Police (PFA) have apprehended a 29-year-old Russian national in Buenos Aires on charges of money laundering connected to the notorious North Korean Lazarus hacking group. The individual, identified as V.B., is accused of facilitating the laundering of approximately $100 million in cryptocurrency, including proceeds from the high-profile 2022 Harmony Horizon hack.
V.B. allegedly operated a sophisticated money-laundering scheme from his apartment in the Argentine capital, where he is believed to have processed large sums of illicit funds using various cryptocurrency platforms. Investigations revealed that V.B. purchased over 1.3 million USDT (Tether) using Russian rubles and conducted more than 2,400 transfers via Binance Pay, totaling $4.5 million USDT.
During a search of his Buenos Aires apartment, law enforcement officials seized over $120,000 worth of cryptocurrency, alongside electronic devices that are believed to hold critical information about further illicit money transfers and connections to organized crime.
In addition, police also uncovered and seized $15 million from other properties associated with V.B. It was also found that the operation involved currency exchanges facilitated through a Telegram bot.
Cybersecurity Compliance
Prevent data breaches and meet regulatory requirements
The US offers a $2.5M reward for information on the Angler hacker
The United States Department of State has announced a reward of up to $2.5 million for information leading to the arrest and conviction of Volodymyr Kadariya, a 38-year-old dual national of Belarus and Ukraine. Kadariya is accused of being a key figure in a decade-long international hacking operation that affected victims worldwide.
Kadariya was charged in June 2023 with wire fraud and conspiracy to commit computer fraud. He is allegedly a close associate of Maksim Silnikau, also 38 and a dual-national of Belarus and Ukraine. Silnikau, believed to be the mastermind behind the cybercrime network, was extradited to the United States from Poland in July 2024, where he now faces multiple charges.
The cybercrime network was responsible for the creation and distribution of several ransomware strains, including Reveton and Ransom Cartel that extorted tens of millions of dollars from victims.
In addition to the ransomware activities, Silnikau's network was also behind the Angler Exploit Kit used in a series of ‘malvertising’ campaigns, involving malicious ads that delivered information-stealing malware and ransomware.
A former employee of US industrial firm tried to extort $750,000 from his employer
A former employee of a US-based industrial company has been arrested in connection with an attempted data extortion scheme targeting his former employer.
Daniel Rhyne, 57, who was employed as a core infrastructure engineer at the company, is charged with one count of extortion in relation to a threat to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud. He was taken into custody on August 27, 2024.
According to court documents, Rhyne gained access to the company’s computer systems via an administrative account and allegedly scheduled several tasks on the network, including changing administrative passwords and initiating the shutdown of company servers. He then contacted the company’s employees via email, threatening to destroy the network if a ransom of 20 Bitcoin (~ $750,000 at the time) was not paid.
The perpetrator was arrested after the police managed to trace the email address back to Rhyne. Now, he is facing decades in prison and substantial fines if found guilty. Rhyne’s next court appearance is scheduled for later this year.
Inmates hack state-issued computer tablets in a $1M digital theft
Several hundred inmates across Kentucky's correctional facilities orchestrated a digital heist, hacking their prison-issued computer tablets to generate over $1 million in fake funds. The scam, which began in December 2022, went undetected until an anonymous tip-off in early January 2023, by which time nearly $88,000 had already been spent on various digital media products.
The fraudulent “dollars” were created using an in-house prison app, accessible exclusively on the state-issued tablets provided by Texas-based Securus Technologies.
The investigation revealed that 366 inmates had collectively funneled approximately $529,000 into both their commissary and Securus accounts. The funds were used to purchase email and video visitations with loved ones, as well as access to premium digital content like games, music, and movies.
After discovering the scam, prison officials confiscated the tablets and frozen the accounts involved. While some inmates faced immediate disciplinary actions, such as solitary confinement, no formal charges have been brought against those involved as of yet.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
