In particular, in Nigeria, three local residents were arrested for sending phishing emails.
In a joint operation by Interpol, Group-IB and Nigeria's law enforcement agencies, a large cybercriminal group was eliminated. In particular, in Nigeria, three local residents were arrested, suspected of participating in a large organized criminal group that distributes malware, sends phishing emails and BEС attacks.
The three arrested persons are suspected of creating phishing links and domains, as well as sending mass emails, allegedly on behalf of representatives of various organizations. The attackers used these emails to distribute 26 malware, including spyware and remote access tools such as AgentTesla, Loki, Azorult, Spartan, and the NanoCore and Remcos RAT Trojans. These programs have been used to infiltrate and monitor the systems of victim organizations and individuals before further fraudulent transactions and theft of funds are carried out.
According to Group-IB experts, since 2017, cybercriminals have compromised networks in public and private companies in more than 150 countries. The experts found that the group was divided into subgroups. The investigation is still underway, and at the moment, about 50 thousand victims have been identified.
An investigation called Operation Falcon continued for a year. Interpol's cybercrime and financial crime units, together with Group-IB specialists, were able to identify criminals, establish their location and help the Nigerian police eliminate the criminal organization. Group-IB's involvement in the operation took place through Project Gateway, a framework that allows Interpol to work with private partners and obtain direct threat intelligence.
__________________
In a joint operation by Interpol, Group-IB and Nigeria's law enforcement agencies, a large cybercriminal group was eliminated. In particular, in Nigeria, three local residents were arrested, suspected of participating in a large organized criminal group that distributes malware, sends phishing emails and BEС attacks.
The three arrested persons are suspected of creating phishing links and domains, as well as sending mass emails, allegedly on behalf of representatives of various organizations. The attackers used these emails to distribute 26 malware, including spyware and remote access tools such as AgentTesla, Loki, Azorult, Spartan, and the NanoCore and Remcos RAT Trojans. These programs have been used to infiltrate and monitor the systems of victim organizations and individuals before further fraudulent transactions and theft of funds are carried out.
According to Group-IB experts, since 2017, cybercriminals have compromised networks in public and private companies in more than 150 countries. The experts found that the group was divided into subgroups. The investigation is still underway, and at the moment, about 50 thousand victims have been identified.
An investigation called Operation Falcon continued for a year. Interpol's cybercrime and financial crime units, together with Group-IB specialists, were able to identify criminals, establish their location and help the Nigerian police eliminate the criminal organization. Group-IB's involvement in the operation took place through Project Gateway, a framework that allows Interpol to work with private partners and obtain direct threat intelligence.
__________________