A pharmacist at the University of Maryland Medical Center is accused of engaging in a nearly decade-long scheme of cyber-voyeurism, in which he allegedly hacked into hundreds of hospital computers to remotely activate webcams and watch young, female doctors and medical residents undressing, breastfeeding, and engaging in private activities. According to a class-action lawsuit, the defendant used the hospital’s network to spy on the women in their private spaces.

The defendant installed malicious software on hospital computers, the lawsuit claims, which allowed him to steal the women’s personal passwords and gain access to their home networks. The women claim that he watched them in real-time through their webcams, including one incident in which he allegedly observed a woman as she breastfed her child, undressed, and engaged in intimate activities with her husband.

Additionally, the defendant is accused of disabling the camera light inside another woman's home, secretly recording her interactions with her children. One plaintiff also accuses him of hacking into her cloud account to access personal photos, as well as sensitive information like her driver’s license, passport, and credit card details. The women claim that they only became aware of the invasions of privacy when FBI agents showed them photographs and videos taken by the defendant, which had been discovered during an ongoing investigation.

As a result, they are suing the hospital for negligence, alleging that the institution failed to prevent his actions or inform them of the ongoing surveillance. The plaintiffs argue that the hospital system placed the defendant on administrative leave and eventually fired him but failed to alert his new employer of the serious allegations against him. The defendant has not been charged with any crime, according to state and federal court records.

At least five Smokeloader botnet customers arrested, over 100 servers seized

As a follow-up to the May 2024 Operation Endgame, law enforcement has detained at least five individuals linked to the use of the Smokeloader botnet. The operation led to the seizure of over 100 servers tied to major malware loader operations, including IcedID, SystemBC, Pikabot, Bumblebee, and Smokeloader. Europol reported that investigations are ongoing, with authorities analyzing seized server data and identifying customers of the cybercriminal services.

Smokeloader, operated by a threat actor known as ‘Superstar,’ was sold as a pay-per-install service granting access to compromised machines. It was used for a range of illicit activities, including ransomware deployment, cryptomining, webcam access, and keystroke logging.

A database obtained during the operation helped law enforcement link online aliases to real-world identities. Several suspects have cooperated with authorities, allowing access to their digital devices for further investigation.

On the same note, the US authorities announced that two key Rydox cybercrime marketplace administrators, Ardit Kutleshi and Jetmir Kutleshi (both citizens of Kosovo), have been extradited from Kosovo to the United States, where they face charges of identity theft, access device fraud, and money laundering.

Alleged member of the infamous "Scattered Spider" group pleads guilty

Noah Urban, also known as "King Bob," an alleged member of the notorious hacking group Scattered Spider, has pleaded guilty to multiple charges across two separate cases in Florida and California. The charges are related to his involvement in a series of cybercrimes, involving social engineering and extortion tactics targeting businesses and individuals.

Urban's actions included impersonating IT staff or help desk employees to gain unauthorized access to company networks and systems, often using SMS or phone calls to trick employees. His efforts facilitated remote access to other Scattered Spider members, enabling the group to infiltrate victim networks, steal data, and deploy ransomware to extort victims.

In Florida, Noah Urban pleaded guilty to conspiracy to commit wire fraud, wire fraud, and aggravated identity theft. In California, he pleaded guilty to one count of conspiracy to commit wire fraud. Court documents show that Urban's criminal activities involved obtaining sensitive data, including multi-factor authentication (MFA) credentials, and monetizing the access through ransomware attacks and data theft.

As part of his plea deal, Urban is required to forfeit over $13,000,000 in stolen funds to identified victims. Urban has agreed to forfeit assets, including cryptocurrency (such as Bitcoin, Ethereum, and Ripple), any cash he possesses, and physical items of value to compensate his victims. Urban faces a maximum sentence of 82 years in prison, with official sentencing scheduled for June 20, 2025.

Investment scammers who used AI tools to create deepfake ads of celebrities arrested in Spain

Spain's National Police, in collaboration with the Guardia Civil, arrested six individuals aged between 34 and 57, believed to be part of a criminal group involved in cryptocurrency investment scams. The group allegedly defrauded over €19 million from 208 victims across Spain, using fake investment schemes.

The operation, known as COINBLACK-WENDIMINE, took place in Granada and Alicante. The main leader, a woman who was planning to flee to Dubai, was arrested, along with several other members of the group. Authorities confiscated multiple devices and documents during the raids.

The scammers used artificial intelligence to create deepfake ads featuring Spanish celebrities, enticing victims to invest in fraudulent cryptocurrency schemes with promises of high returns and no risk. Victims were also tricked into paying fake taxes through impersonators posing as Europol agents or UK lawyers. The investigation revealed a total of 208 fraud cases, and over €100,000 of the stolen money has been blocked.

In a separate case, the UK government has convicted five individuals involved in romance scams and money laundering, stealing and laundering over £3.25 million from nearly 100 victims. The scammers created fake profiles on dating websites and fabricated stories to ask for money. Victims transferred money directly to the criminals or sent cash, with 40 confirmed victims and 99 suspected victims. The funds were laundered through the scammers' bank accounts.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

Nigerian national charged in $2.5M romance scam scheme

US authorities have charged a Nigerian man in connection with an alleged international romance scam scheme that defrauded victims of more than $2.5 million.

Charles Uchenna Nwadavid, 34, of Abuja, Nigeria, was arrested on April 7 at Dallas-Fort Worth International Airport upon arrival from the United Kingdom. Nwadavid was indicted in January 2024 on charges of mail fraud and money laundering. Prosecutors allege he played a central role in romance scams that targeted victims across the United States between 2016 and 2019.

According to court documents, the scams involved creating fake online personas to lure victims into romantic relationships. Once trust was established, the victims were manipulated into sending money under false pretenses, such as fabricated medical emergencies or fake inheritance claims.

If convicted, Nwadavid faces up to 20 years in prison for each count of mail fraud and money laundering, along with substantial fines, restitution, and forfeiture. He would also be subject to deportation following any prison term.