A four-month joint operation coordinated by Interpol, the international criminal police organization, resulted in the arrest of over 1,000 cybercriminals and the recovery of $ 27 million in illicit proceeds.
Code name “HAECHI-II“, the crackdown allowed law enforcement in 20 countries, as well as Hong Kong and Macao, to close 1,660 cases and freeze 2,350 bank accounts linked to fraudulent illicit funds amassed from a range of online financial crimes, such as romance scams, investment fraud and money laundering associated with illegal online gambling.
“The results of Operation HAECHI-II show that the upsurge in online financial crime generated by the COVID-19 pandemic shows no signs of slowing down,” Interpol Secretary General Jürgen Stock said in a statement. press release published on November 26.
The coordinated police investigation took place over a four-month period, from June 2021 to September 2021, with ten new criminal modus operandi identified throughout the operation.
In a sophisticated commercial email (BEC) scam, the criminals posed as the legal representative of an anonymous Colombian textile company to illegally authorize the transfer of more than $ 16 million to two Chinese bank accounts. The firm alerted authorities but not after it found itself defrauded of more than $ 8 million.
A second case involved a Slovenian company that was tricked into transferring more than $ 800,000 to money mule accounts in China. In both incidents, the money was intercepted and the stolen funds returned.
Additionally, in another example of how threat actors are quickly grasping popular trends for opportunistic exploitation, Interpol also said it uncovered a malware campaign that took advantage of the hit Netflix show south. -Korean. Squid game to distribute a Trojan horse that subscribed victims to premium paid services without their explicit approval.
Cyber security firm Proofpoint at the end of last month revealed another phishing attack involving cybercrime actor TA575 distributing Dridex malware using Squid Game decoys. “The threat actor claims to be entities associated with the global Netflix phenomenon by using emails urging targets to quickly access a new season of Squid Game or be part of the TV show’s cast,” noted Researchers.
Countries participating in HAECHI-II included Angola, Brunei, Cambodia, Colombia, China, India, Indonesia, Ireland, Japan, Korea (Rep. Of), Laos, Malaysia, Maldives, Philippines, Romania, Singapore, Slovenia, Spain , Thailand, and Vietnam.
The arrests are part of a three-year project to fight financial crime linked to cybercrime, and follow the first wave of the operation – dubbed “HAECHI-I” – carried out between September 2020 and March 2021. The investigation, which involved a subset of in the aforementioned countries, 585 people were apprehended and more than 1,600 bank accounts worldwide were frozen, while intercepting $ 83 million in illicit funds transferred from victims to authors.