60 Law Enforcement Agencies from 50 Countries Arrested 31 Alleged Cybercriminals, 70 Suspects Identified
Read also: Trio accused of SIM-swap attacks linked to a $400 million FTX hack, BTC-e operator indicted for money laundering, and more
Thursday, February 8, 2024
Over 30 suspected cybercriminals arrested in a global Interpol-led operation
A global coordinated effort involving 60 law enforcement agencies from more than 50 countries and led by Interpol has resulted in the arrest of 31 alleged cybercriminals. An additional 70 suspects have been identified for further investigation.
Dubbed ‘Operation Synergia,’ the initiative was aimed at combating phishing, malware, and ransomware attacks. During the operation, which took place from September to November 2023, over 1,300 suspicious IP addresses or URLs were identified.
70% of the command-and-control (C2) servers identified have been successfully taken down, with the remainder currently under investigation, according to Interpol. In Europe, where a substantial portion of the C2 servers were located, 26 arrests were made. Meanwhile, the efforts of the Hong Kong and Singapore police led to the takedown of 153 and 86 servers, respectively.
Africa, South Sudan and Zimbabwe also saw significant takedowns, resulting in the arrest of four suspects. Additionally, Bolivia mobilized various public authorities to identify malware and address the resulting vulnerabilities.
Request your free demo now and talk to our experts.
BTC-e operator indicted for running a massive cybercrime and money laundering scheme
The US authorities revealed charges against Aliaksandr Klimenka, a 42-year-old Belarusian and Cypriot national, in connection with his alleged operation of BTC-e, a major digital currency exchange linked to the massive hack of the Mt. Gox bitcoin exchange, which never recovered after a theft of 744,408 bitcoin and had to shut down in 2014.
According to the indictment, spanning from 2011 to July 2017, Klimenka allegedly played a key role in controlling BTC-e, alongside another suspected exchange operator, Alexander Vinnik and other collaborators. Additionally, Klimenka was purportedly at the helm of Soft-FX, a technology services company, and FX Open, a financial company.
BTC-e, as per the indictment, is alleged to have been a significant hub for cybercrime and online money laundering, providing users with a platform to trade bitcoin with a high degree of anonymity. The service is accused of receiving criminal proceeds from various crimes, including computer intrusions, hacking incidents, ransomware, identity theft, corrupt public officials, and narcotics distribution.
Klimenka's arrest took place in Latvia in December 2023, at the request of the United States. He was charged with money laundering conspiracy and operation of an unlicensed money services business. If convicted, he may face up to 25 years in prison.
Ex-CIA hacker Joshua Schulte sentenced to 40 years for the massive WikiLeaks leak
Joshua Adam Schulte, a former CIA software developer, has been sentenced to 40 years in prison for a series of crimes, including espionage, computer hacking, contempt of court, making false statements to the FBI, and child pornography. The 35-year-old New York resident's actions have been described as the largest data breach in the history of the Central Intelligence Agency (CIA), resulting in one of the most significant leaks of classified information known as Vault7 in the United States.
According to court documents, Schulte was employed at the Center for Cyber Intelligence (CCI) from 2012 to 2016, working on offensive cyber operations, including cyber espionage against terrorist organizations and foreign governments. Alongside his colleagues, Schulte developed tools used in human-enabled operations that involved individuals with access to the targeted computer networks.
In March 2016, a personnel dispute led to Schulte's transfer within CCI. As a result, he was removed from a development project but abused his administrator powers in April 2016 to grant himself privileges over the project. After the breach was detected by CCI leadership, administrator privileges were transferred to another division.
However, Schulte had opened an administrator session on a server before losing his privileges. In April 2016, he used this secret session to restore his revoked privileges, breach backups, steal copies of the entire CCI tool development archives, and revert the network to its previous state. He attempted to cover his tracks by deleting hundreds of log files.
Trio accused of SIM-swap attacks linked to the $400 Million FTX hack
Three individuals have been charged by US authorities for their alleged roles in orchestrating a series of SIM-swap attacks linked to the $400 million hack of FTX, one of the largest digital currency exchange platforms, in 2022. The hack occurred just hours after the exchange filed for bankruptcy.
The accused individuals have been identified as Robert Powell (known as R, R$, EISwapo1), Carter Rohn (known as Carti, Panslayer), and Emily Hernandez (known as Em). They are facing charges related to stealing the identities of 50 victims and convincing telecom providers to transfer the victims’ phone numbers to devices controlled by the defendants.
Powell, believed to be the mastermind behind the scheme, allegedly gained access to an FTX employee's AT&T account, obtaining authentication codes needed for accessing the company’s online accounts. The defendants then transferred over $400 million in virtual currency out of FTX's crypto wallets.
Powell faces charges related to wire fraud and aggravated identity theft. He has been released on a $10,000 bond. Carter Rohn and Emily Hernandez charged with wire fraud, aggravated identity theft and access device fraud.
A security researcher arrested in a $2.5 million Apple hacking scheme
Noah Roskin-Frazee, a security researcher known for reporting vulnerabilities to tech giants like Apple, was arrested and charged with orchestrating a sophisticated hacking scheme targeting the Cupertino-based company. Alongside Roskin-Frazee, Keith Latteri from New Jersey and Ohio also faces charges in connection with the $2.5 million fraud operation.
The indictment alleges that the duo initiated the scheme in December 2018, continuing until at least March 2019, leveraging a password reset tool to break into an employee account belonging to Company B, a firm providing customer support services to Apple. They then obtained further employee credentials, granting access to Company B's VPN servers, and consequently, Apple's systems.
With the help of Apple's “Toolbox” app used for managing product orders, the defendants placed fraudulent orders and fraudulently manipulate orders for the company’s products and services for private financial gain, obtaining over $2.5 million in electronic gift cards, products and services. They also deployed malicious scripts to maintain persistence on Company B's computers, further facilitating their fraudulent activities.
The defendants executed their scheme through the company B’s computers located in India and Costa Rica, to which they had remote access. Additionally, the accused created accounts with shipping services under false identities and used disposable email addresses to cover their tracks.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
