Leader of Global Cybercrime Gang Wanted in the US, Panama and Spain Detained in France
Read also: Cryptojacker who siphoned nearly $2 million from a major e-commerce entity arrested, “Asia’s best hacker” caught in the Philippines, and more.
Thursday, January 18, 2024
A mastermind behind a widespread vishing scheme detained in France
A suspect with three international arrest warrants for money laundering, involvement in a criminal organization, and fraud was apprehended at Charles de Gaulle International Airport in France. The unnamed suspect, who is believed to be the headman of a global fraud syndicate specializing in vishing, had arrest warrants issued by the authorities of the United States, Panama, and Spain.
The investigation into the suspect’s activities commenced in March 2023. The suspect was wanted by both Panama and the US for orchestrating an elaborate vishing scheme that involved impersonating trusted entities through telephone calls to fish out personal and sensitive information from American citizens and businesses.
The detained individual, believed to be the mastermind behind the operation, was responsible for receiving and moving funds obtained through fraudulent activities. The gang utilized a network of bank accounts operated by mules, with collaboration from other members of the organization. Over the course of a year, the suspect reportedly amassed nearly €5 million in illicit financial gains.
Once the ill-gotten gains were transferred to Spanish accounts, they were laundered through various means, including conversion into crypto assets, ATM withdrawals, investments, and transfers to third-party accounts in the UK, Panama, and Lithuania.
Request your free demo now and talk to our experts.
A cryptojacker who siphoned nearly $2 million from a major e-commerce entity arrested in Ukraine
Ukrainian police apprehended a 29-year-old individual suspected to be behind a large cryptojacking operation that stole over 75 million Ukrainian hryvnias (~$2 million) from a major e-commerce enterprise.
The arrest is a result of months-long collaboration between Ukrainian police, Europol, and an unnamed cloud provider. Europol (the EU agency for law enforcement cooperation) opened an investigation after a report from a cloud provider about compromised accounts of its customers.
The police revealed that the hacker had been infecting the servers of one of the world’s largest e-commerce entities with cryptomining malware. Leveraging custom brute-forcing software designed to crack passwords, the cybercriminal hacked 1500 accounts of a subsidiary company. Using compromised accounts, he infected the victim’s servers with a cryptominer. To keep the mining operation running, the hacker created more than a million virtual computers.
During the searches, the police officers seized evidence of illegal activities, including computer equipment, bank cards, SIM cards, and electronic storage devices. Europol has also blocked the suspect’s electronic wallets containing assets.
“Asia’s best hacker” caught in the Philippines
Philippine authorities arrested Edgar Silvano Jr., a man formerly described as “Asia's best hacker,” for his alleged involvement in illegal cyber activities targeting foreigners.
During the searches, the police seized electronic devices, mobile phones, flash drives, computer equipment, and financial documents related to land titles and vehicle purchases, containing personal and bank account information of various individuals.
Edgar Silvano Jr. was charged with offenses related to access device fraud and the illegal possession of firearms. Marie Joy Espano, believed to be an accomplice of Silvano, was also detained for obstruction of justice.
Silvano gained notoriety in 2001 after he successfully hacked an international banking system based in Hong Kong, which earned him the moniker “Asia's best hacker.” He was put in prison but was later released on probation.
A young scammer behind global e-commerce fraud arrested in Morocco
Moroccan and US authorities apprehended a Moroccan teenager believed to be a mastermind behind a sophisticated global e-commerce scam, exposing an extensive international cybercrime network.
The suspect, whose identity remains undisclosed due to his young age, is alleged to have defrauded businesses by manipulating online orders. The scheme involved swapping authentic products with empty packages, filing false claims of discrepancies with e-commerce platforms, and pocketing the resulting refunds.
The authorities believe that the suspect was involved in running websites and online forums for an international cybercrime network that provided instructions and tools designed to help execute fraud and scams to other cybercriminals and profiting from a percentage of their illicit earnings.
During the searches, the police seized a computer containing fake ID documents and mobile phones believed to have been used to recruit potential participants in the cybercrime scheme.
Two hackers are accused of stealing and selling millions of payment card details
The US authorities have unsealed two separate indictments against two Russian nationals, Aleksey Stroganov and Tim Stigal, over their alleged involvement in hacking campaigns aimed at obtaining debit and credit card numbers and personal data associated with cardholders.
Prosecutors allege that Stroganov, aka “Aleksei Stroganov,” “flint,” “flint24,” “Gursky Oleg,” “Oleg Gurskiy,” and “Строганов Алексей Тимофеевич,” and his accomplices stole data associated with hundreds of millions of credit card and banking accounts and sold access to the stolen information to other criminals, who, in turn, put the data for sale on hacker forums.
The scheme is said to have caused over $35 million in losses. Stroganov is charged with wire fraud, bank fraud, and aggravated identity theft. If found guilty, he could face more than 50 years in prison plus over $1 million in fines.
As for Tim Stigal, aka “Key” and “Тим Стигал,” he is accused of distributing stolen payment card information and extortion. In one instance, Stigal is said to have threatened a victim to expose their personal data if a ransom was not paid. The defendant could face over 35 years in prison and hefty fines if proved guilty.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
