Developer Linked to LockBit and Conti Ransomware Gangs Arrested in Ukraine
Read also: 22 Chinese Cybercriminals Get Long Prison Sentences In Zambia, two Bangladeshi cops accused of selling citizens’ data, and more.
Thursday, June 13, 2024
A developer linked to LockBit and Conti ransomware gangs arrested in Ukraine
Ukrainian authorities have apprehended a 28-year-old native of the Kharkiv region accused of developing malware for the infamous LockBit and Conti ransomware operations. According to the police, the suspect had been working with Russian hacker groups, receiving payment in cryptocurrencies for his services.
The suspect allegedly developed “cryptors,” specialized software designed to mask malware as legitimate files, effectively evading detection by popular antivirus programs. These cryptors were used in the Conti ransomware attacks that targeted the computer networks of companies in the Netherlands and Belgium. During the raids conducted in Kyiv and the Kharkiv region, police seized computer equipment, mobile phones, and handwritten notes.
In separate news, a 16-year-old teen was arrested in France on suspicion of being involved in a malware rental business. The unnamed suspect, known online as “ChatNoir” and “Casquette,” is believed to be a key member of the Epsilon hacking group responsible for stealing data from French companies and media outlets.
Over 20 Chinese cybercriminals get long prison sentences in Zambia
A Zambian court has sentenced 22 Chinese nationals to long prison terms for their involvement in a multinational cybercrime operation that targeted individuals in Zambia, Singapore, Peru, and the United Arab Emirates. The sentences range from seven to eleven years of imprisonment. In addition to their prison terms, the defendants were fined amounts between $1,500 and $3,000.
The individuals pleaded guilty to charges that included computer-related misrepresentation, identity fraud, and illegally operating a network or service. A Cameroonian national involved in the same criminal activities was also sentenced and fined.
These sentences are the result of a broader crackdown on a sophisticated internet fraud syndicate. In April, Zambian authorities arrested a total of 77 individuals, mostly Zambians, during a raid on a Chinese-run business in an upscale Lusaka suburb. Authorities seized over 13,000 local and foreign mobile phone SIM cards, two firearms, and 78 rounds of ammunition.
The investigation started following a noticeable increase in cyber-related fraud cases. Many victims reported unexplained losses from their mobile phones or bank accounts, prompting a comprehensive probe.
Cybersecurity Compliance
Prevent data breaches and meet regulatory requirements
Two Bangladeshi cops accused of leaking citizens’ data on Telegram
Senior officials working for the anti-terror police in Bangladesh have been accused of selling classified and personal information of citizens to criminals via the messaging app Telegram. This included national identity details, cell phone call records, and other classified information.
The police agents sold data obtained through the National Intelligence Platform (NIP) run by the National Telecommunications Monitoring Center (NTMC). NIP is an internal web portal housing classified information on citizens, access to which have law enforcement and intelligence agencies.
The investigation into the alleged sale of data revealed that the accused accessed the NIP platform more often than other users and collected information that was unrelated to their duties.
Currently, it remains unclear whether the two police officers were formally charged. The investigation is still ongoing.
London police arrest 2 suspects for using a homemade antenna to send thousands of smishing messages
The UK authorities have apprehended two individuals suspected of employing a homemade mobile antenna to distribute thousands of smishing messages posing as UK banks and other official organizations.
The duo, using a device referred to as a “text message blaster,” managed to circumvent telecommunications security systems designed to intercept and block SMS spam.
This marks the first known instance in the UK of an illicit telephone mast being utilized as an SMS blaster to send fraudulent messages, bypassing network defenses.
The first suspect was detained on May 9, 2024, in Manchester, and a subsequent arrest was made on May 23 in London.
Huayong Xu, 32, of Alton Road, Croydon, was charged with possession of articles for use in fraud. Xu has been remanded in custody and is scheduled to appear at court on June 26. The second individual arrested has been released on bail pending further inquiries.
Turkish student arrested for using AI to cheat on university entrance exam
A Turkish student has been arrested for using an elaborate AI-powered setup to cheat during a university entrance exam. The student was apprehended by Turkish authorities after he was spotted acting suspiciously during the exam.
The student used a tiny camera disguised as a shirt button to scan exam questions, a router hidden in the shoe sole to transmit images to an AI model over the internet, and an earpiece to receive answers. The investigation also revealed that a mobile phone was used for transmitting information to an accomplice.
A video released by the police showed the system successfully scanning questions and delivering answers through the earpiece in a foreign language.
A co-conspirator, who allegedly assisted the student, was also detained. Both individuals now face serious charges, and the student has been sent to jail to await trial.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
