British Cops Set Up Fake DDoS-for-Hire Sites to Harvest Info on Customers
Read also: Australian police dismantles cyber crime syndicate, GhatGPT abused for phishing attacks, and more.
Thursday, March 30, 2023
NCA creates fake “booter” sites to infiltrate criminal underground
UK National Crime Agency (NCA) has revealed it has been operating a number of bogus DDoS-for-hire websites as part of the program aimed at disrupting and undermining DDoS as criminal service.
The fake sites, which have been accessed by several thousands of people so far, claimed to offer cyber crime tools to launch DDoS attacks. In reality, users who registered on the platforms had their data collated by investigators.
The NCA says that UK-based users will be warned by the agency or police about engaging in cyber crime. Data related to overseas users is being passed to international law enforcement.
Australian police arrested scammers who stole $1.7 million
The Australian Federal Police arrested four people in Brisbane, Adelaide and Melbourne allegedly involved in a cyber criminal syndicate that laundered $1.7 million stolen from at least 15 victims between January 2020 and March 2023.
An investigation into the group’s activities, which started in October 2021, revealed that the syndicate was behind multiple cyber fraud operations, including BEC schemes, attacks targeting Facebook users, and fraudulent superannuation investments. Individual losses from scams ranged from $2500 to nearly $500.000.
The syndicate allegedly operated a network of 180 accounts, opened in South African banks using stolen identities to transfer and launder illegally obtained money, the police said.
Indian drug giant Sun Pharma expects revenue drop due to a ransomware attack
Sun Pharmaceutical Industries, India’s third-most-valuable drug maker, says it was hit by a ransomware attack on March 2, 2023, which saw some of the company’s corporate information and personal data stolen.
The company said it has taken steps to contain the damage, resulting in its business operations being impacted. The Mumbai-based firm had not shared any further details regarding the culprit behind the attack or the extent of the breach.
According to media reports, Sun Pharmaceutical has been targeted by the notorious Black Cat/AlphV ransomware group, who listed the company on their data leak website on March 24.
Cyber actors are now using ChatGPT for phishing scams
EU’s police force, Europol, released a report detailing how miscreants with little technical knowledge can abuse large language models (LLMs) like the popular AI-powered chatbot ChatGPT to perpetrate various types of cyber fraud (phishing, BEC scams, etc.), or launch propaganda and disinformation campaigns to support terrorism.
Thanks to its capabilities ChatGPT can be an extremely useful tool for phishing gangs (especially non-English-speaking) as it makes it possible to impersonate an organization or a person in a highly realistic manner even with only a basic grasp of the English language.
In fact, threat actors have already started harnessing AI’s power to generate phishing emails containing malicious code. Earlier this year, an unnamed Indian company fell victim to a phishing scam, where cybercrooks used ChatGPT to create realistic-looking phishing emails and SMS messages.
DeFi protocol SafeMoon compromised in $8.9 million hack
Decentralized finance (DeFi) project SafeMoon has lost roughly $8.9 million after a hacker exploited a public burn bug in the smart contract function. This allowed the intruder to drain WBNB (a wrapped version of the Binance native tokens) from the platform’s liquidity pool.
SafeMoon has acknowledged the hack on Twitter, without sharing details on the incident. According to the company’s CEO John Karony, other LP pools on the DEX have not been impacted, and not have any of upcoming upgrades and releases.
What’s next:
- Follow ImmuniWeb on Twitter and LinkedIn
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Cybercrime Prosecution Weekly is a digest of most important events related to cybercrime investigation and prosecution, cyber law, as well as to new data breaches and security incidents that deserve attention of our customers and partners. 
