- Joined
- Nov 26, 2020
- Messages
- 716
7 months of investigation, $1.3 million confiscated. Hackers will get what they deserve.
Singapore police have announced the extradition of two men from Malaysia on charges of participating in a mobile malware campaign targeting the country's citizens from June 2023.
The men, aged 26 and 47, whose names were not disclosed, engaged in fraudulent activity by forcing users to download malicious apps to Android devices through phishing campaigns to steal their personal data and bank credentials. The information obtained was used to conduct fraudulent transactions on the victims ' bank accounts, which led to financial losses of the latter.
After a seven-month investigation that began in November 2023 in collaboration with the Hong Kong Police, the Royal Malaysian Police, and the Group-IB information security company, the Singapore police found evidence linking the two men to a criminal group responsible for carrying out malicious attacks.
According to the police, the men managed servers designed to install a special malicious application on the victims 'smartphones that allows them to control infected devices and "change their contents", which made it easier for subsequent theft of funds from the victims ' bank accounts.
"Assets, including cryptocurrencies and real estate with a total value of approximately $1.33 million, were confiscated from the arrested individuals," Singapore Police said.
Group-IB experts said that malicious applications used in this campaign were often disguised as offers of special prices for goods and products and contained functions for collecting a wide range of information.
"Once installed and granted the necessary permissions, RAT allowed attackers to remotely control an Android device by capturing sensitive personal data and passwords using keylogger and screen capture features," the company said.
The Trojan allowed attackers to track SMS messages containing one-time passwords sent by financial institutions for two-factor authentication. In addition, it helped track the geolocation of the device and its user in real time.
"Working unnoticed in the background, the malware remained active even after the device was rebooted," the experts added.
One of the suspects can receive up to seven years in prison, a fine of up to $50,000, or both punishments at once. The other is a fine of up to $500,000, up to 10 years in prison,or both.
The arrest in Singapore took place as part of the international operation DISTANTHILL. Among other achievements of law enforcement officers, it is worth highlighting the detention of four people suspected of similar actions in Taiwan. In total, 16 cybercriminals were detained as part of the operation. It is estimated that more than 4,000 people were victims of their fraud.
It is noteworthy that these events take place against the backdrop of charges by the US Department of Justice against two men — Thomas Pavey and Raheim Hamilton, who ran the Empire Market darknet market. This marketplace allowed thousands of sellers and buyers to trade illegal goods and services anonymously. The total revenue from all illegal transactions amounted to an impressive $430 million, and criminals may well be jailed for life.
Singapore police have announced the extradition of two men from Malaysia on charges of participating in a mobile malware campaign targeting the country's citizens from June 2023.
The men, aged 26 and 47, whose names were not disclosed, engaged in fraudulent activity by forcing users to download malicious apps to Android devices through phishing campaigns to steal their personal data and bank credentials. The information obtained was used to conduct fraudulent transactions on the victims ' bank accounts, which led to financial losses of the latter.
After a seven-month investigation that began in November 2023 in collaboration with the Hong Kong Police, the Royal Malaysian Police, and the Group-IB information security company, the Singapore police found evidence linking the two men to a criminal group responsible for carrying out malicious attacks.
According to the police, the men managed servers designed to install a special malicious application on the victims 'smartphones that allows them to control infected devices and "change their contents", which made it easier for subsequent theft of funds from the victims ' bank accounts.
"Assets, including cryptocurrencies and real estate with a total value of approximately $1.33 million, were confiscated from the arrested individuals," Singapore Police said.
Group-IB experts said that malicious applications used in this campaign were often disguised as offers of special prices for goods and products and contained functions for collecting a wide range of information.
"Once installed and granted the necessary permissions, RAT allowed attackers to remotely control an Android device by capturing sensitive personal data and passwords using keylogger and screen capture features," the company said.
The Trojan allowed attackers to track SMS messages containing one-time passwords sent by financial institutions for two-factor authentication. In addition, it helped track the geolocation of the device and its user in real time.
"Working unnoticed in the background, the malware remained active even after the device was rebooted," the experts added.
One of the suspects can receive up to seven years in prison, a fine of up to $50,000, or both punishments at once. The other is a fine of up to $500,000, up to 10 years in prison,or both.
The arrest in Singapore took place as part of the international operation DISTANTHILL. Among other achievements of law enforcement officers, it is worth highlighting the detention of four people suspected of similar actions in Taiwan. In total, 16 cybercriminals were detained as part of the operation. It is estimated that more than 4,000 people were victims of their fraud.
It is noteworthy that these events take place against the backdrop of charges by the US Department of Justice against two men — Thomas Pavey and Raheim Hamilton, who ran the Empire Market darknet market. This marketplace allowed thousands of sellers and buyers to trade illegal goods and services anonymously. The total revenue from all illegal transactions amounted to an impressive $430 million, and criminals may well be jailed for life.
