An Amsterdam appeals court has sentenced a 44-year-old man to seven years in prison for hacking port systems to help smuggle cocaine into the Netherlands.

The man is said to have been involved in a criminal network that exploited computer systems at major ports in 2020 and 2021, allowing traffickers to move drugs through Europe’s logistics hubs undetected. Prosecutors said the scheme allowed the import of 210 kilograms of cocaine via the Port of Rotterdam.

According to court documents, the hacker convinced an employee at a container terminal in Antwerp to insert a USB stick containing malware into a work computer. The malware provided a backdoor that gave the defendant remote access to systems managing containers, gates, and access passes.

The investigation was based on intercepted messages from the Sky ECC encrypted messaging service used by criminal groups before it was shut down in 2021. In the chats, the defendant gave instructions on installing the malware and later claimed to have “total control” over port operations.

The man was also found guilty of helping organize a cocaine shipment hidden in a container of wine bottles intercepted in Rotterdam in September 2020, as well as attempted extortion related to a dispute over missing drugs.

The man had previously been sentenced to 10 years by a lower court, but the appeals court reduced the term to seven years, citing the excessive length of the appeal process. His identity was not revealed.

Dozens of suspected Black Axe members arrested in Spain

34 suspected members of the Black Axe criminal network have been arrested in Spain as a result of a joint law enforcement operation involving the Spanish National Police, the Bavarian State Criminal Police Office, and Europol. Most of the arrests took place in Seville, with others carried out in Madrid, Málaga, and Barcelona.

Black Axe is a highly structured and hierarchical criminal organization hailing from Nigeria, which has a presence in dozens of countries worldwide. Black Axe is linked to a wide range of crimes, including cyber fraud, human trafficking, and robbery. The organization is associated with the Neo-Black Movement of Africa and is known for enforcing strict internal discipline, including violent and ritualized initiation practices.

Authorities estimate the group was responsible for more than €5.93 million in fraud losses. During the operation, police froze €119,352 held in bank accounts and seized €66,403 in cash. Investigators also found that the network allegedly recruited vulnerable “money mules,” mainly Spanish nationals from areas with high unemployment.

In October 2022, Interpol arrested 75 suspects during Operation Jackal, a global crackdown involving law enforcement agencies in 14 countries across four continents targeting Black Axe and other West African organized crime networks.

A hacker charged in Snapchat phishing scheme targeting hundreds of women

US authorities have charged 26-year-old Kyle Svara, of Illinois, with orchestrating a phishing operation that allegedly allowed him to hack nearly 600 Snapchat accounts belonging to women, steal private photos, and sell the content online. The defendant is accused of running the scheme between May 2020 and February 2021.

According to court documents, Svara used social engineering tactics to gather victims’ emails, phone numbers, and Snapchat usernames. He allegedly sent more than 4,500 text messages impersonating Snapchat representatives and requesting access codes, obtaining credentials from approximately 570 victims. Prosecutors say he breached at least 59 accounts and downloaded compromising images.

Authorities allege Svara advertised his hacking services on platforms including Reddit, offering to “get into girls snap accounts” for paying clients or to trade stolen material. Communications with potential customers were carried out via encrypted messaging apps such as Kik.

One of Svara’s clients was Steve Waithe, a former Northeastern University track and field coach, who hired the defendant to hack the Snapchat accounts of Northeastern students and athletes. Waithe was sentenced in March 2024 to five years in prison for sextortion, cyberstalking, and cyber fraud after targeting at least 128 women.

Prosecutors also say Svara targeted students at Colby College in Maine and women in Plainfield, Illinois, in a separate incident. He now faces charges including aggravated identity theft, wire fraud, computer fraud, and making false statements related to child pornography. Svara is scheduled to appear in federal court on February 4, 2026. If convicted, he faces significant prison time, including a mandatory minimum of two years for aggravated identity theft and up to 20 years for wire fraud.

Admin of AVCheck malware testing service arrested in the Netherlands

Dutch police have arrested the alleged administrator of the AVCheck cybercrime service, which was a platform used by criminals to test malware against antivirus software. Authorities say the service allowed cybercriminals to repeatedly test and improve malicious files to evade detection before deploying them in real-world attacks.

AVCheck was seized by Dutch police in May 2024 in coordination with Finnish authorities as part of Operation Endgame, a major international law enforcement effort targeting cybercrime infrastructure.

The initiative led to the disruption of multiple malware networks, including the DanaBot botnet and the Lumma Stealer information-stealing malware. Authorities say intelligence gathered during the operation led to a separate investigation into the suspect and two Amsterdam-based companies linked to him.

The suspect, a 33-year-old Dutch national, was detained on Sunday evening at Schiphol Airport after returning from the United Arab Emirates.

According to the National Public Prosecutor’s Office (LP), the man and his companies are suspected of helping criminals by letting malware developers test whether antivirus tools could detect their malware. During the investigation, authorities discovered that the suspect had deregistered from the Netherlands and relocated to the UAE. The authorities have also seized data storage devices belonging to the suspect. The devices are currently being analyzed as part of the ongoing probe.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

RedVDS cybercriminal subscription service linked to multi-million fraud campaigns shut down

Microsoft has shut down a cybercrime service called ‘RedVDS’ that was responsible for more than $40 million in scam losses.

The marketplace sold cheap access to disposable virtual computers running pirated software that helped criminals send phishing emails, run scams, and hide their identities. The service, which cost as little as $24 a month and accepted cryptocurrency, had been operating since 2019.

Microsoft worked with law enforcement agencies in the US, Europe, and the UK to take the platform offline. Authorities seized key internet domains and a server in Germany. No arrests have been announced.

According to Microsoft, RedVDS was used to send millions of phishing emails every day, with more than 191,000 organizations worldwide falling victim to the attacks. Many of the scams involved tricking businesses and individuals into sending money to the wrong bank accounts (business email compromise).

Microsoft said criminals used RedVDS to run scams across many industries and, in some cases, used AI tools to write more convincing emails.