Interpol Nabs Suspected Key Member Of OPERA1ER Cybercrime Group
Read also: Poly Network hacked for the second time in two years, a massive phone scam disrupted and more.
Thursday, July 6, 2023
Police detain suspected key member of OPERA1ER cybercrime group
A joint law enforcement effort called “Operation Nervone” has resulted in the arrest of an alleged key member of OPERA1ER, a highly-organized cybercrime gang that has stolen at least $11 million in more than 30 attacks across 15 countries in Africa, Asia and Latin America.
OPERA1ER, aka NX$M$, DESKTOP Group and Common Raven, is known for its attacks on financial institutions and mobile banking services using a variety of methods, including malware, phishing techniques, and business email compromise (BEC) schemes.
Interpol did not name the suspect but said the alleged kingpin was apprehended in Abidjan, Côte d’Ivoire in early June.
Request your free demo now and talk to our experts.
Police bust an international phone scam gang targeting elderly people
An international operation conducted by law enforcement agencies from Germany, Poland and the United Kingdom has resulted in the takedown of a massive phone scam scheme that defrauded hundreds of elderly people out of around €5 million.
The scammers mainly targeted elderly citizens in Germany and Poland. Posing as police officers or official authorities, the criminals would call a potential victim and inform them that one of their relatives has been responsible for an accident that caused injuries or death of others. The scammers then would demand payment for not arresting the fake relative.
The UK National Crime Agency (NCA) arrested a suspected leader of the criminal network near London, while German and Polish police conducted searches at several locations across Europe seizing mobile phones, €160,000 in cash, and electronic equipment. Throughout the investigation, 70 suspects were arrested, Europol said.
13 arrested in Singapore for involvement in the bank fraud
The Singapore Police Force arrested 13 people, aged between 19 and 35, and a 16-year-old youth, allegedly involved in a banking-related malware operation.
According to the authorities, the scammers used malicious advertisements on social media platforms like Facebook to trick victims into downloading Android malware onto their devices. This malware collected credentials from banking apps and the Singpass system allowing the miscreants to steal money from victims’ bank accounts.
Another 10 people are assisting in the ongoing investigation, the police said.
Poly Network loses at least $5M in crypto in a hack
The DeFi platform Poly Network suffered a security incident over the weekend with hackers exploiting a vulnerability in a smart contract mechanism in the bridge tool of Poly Network.
The hack impacted over 57 assets across several blockchain platforms on 10 blockchains, including Ethereum, Binance’s BNB Chain, Metis, and Polygon. Following the incident, Poly Network suspended services and urged customers to withdraw liquidity from decentralized exchanges.
By exploiting the smart contract mechanism the attacker managed to mint a massive amount of tokens - at one point, the total value in the hacker’s wallet reached $42 billion worth of cryptocurrency. However, the attacker was unable to withdraw it due to a lack of liquidity and managed to convert and steal only a fraction of digital coins.
The SSU dismantles a cybercriminal gang that hacked the bank accounts of Ukrainian citizens
The cyber department of Ukraine‘s Security Service (SSU) has taken down a hacker group that used malware to steal funds from bank accounts of Ukrainian citizens. As part of the operation, 12 suspects were detained.
In just one instance the threat actors stole ₴10 million (~$270,000) from a Kyiv notary’s deposit account belonging to the Deposit Guarantee Fund.
With the help of their co-conspirators who worked in the banks, the group obtained the personal data of residents who opened deposit accounts with the bank. The hackers then used phishing emails to obtain login credentials and gain access to victims’ accounts.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
