iServer Phishing Platform That Ensnared Nearly 500K Victims Dismantled In A Global Police Op
Read also: Two crypto thieves arrested in the US, the creator of the Skynet Dark Web market sentenced, and more.
Thursday, September 26, 2024
Police op dismantles the iServer phishing platform
Law enforcement agencies from Europe and Latin America have dismantled an online phishing platform called ‘iServer’ used for unlocking stolen mobile phones and tricking hundreds of thousands of victims. The platform, which has been active since 2018, is linked to phishing campaigns that targeted over 483,000 victims (mainly Spanish-speaking) across Europe and the Americas.
Authorities reported the arrest of the alleged mastermind, an Argentinian national, who is accused of developing and managing iServer. The platform operated as a phishing-as-a-service (PhaaS), offering its services to criminals, or “unlockers,” who sought access to stolen mobile phones. The platform’s operator charged fees for services, including phishing attacks, SMS, emails, and phone calls used to deceive victims into unlocking their phones.
Investigators uncovered that more than 2,000 “unlockers” had been registered on the phishing platform over the years, with iServer being instrumental in unlocking over 1.2 million mobile phones.
As part of the operation, involving law enforcement authorities from Spain, Argentina, Chile, Colombia, Ecuador, and Peru, 17 arrests have been made, and 28 searches have been conducted with 921 items seized, including mobile phones, electronic devices, vehicles, and weapons.
Two suspects arrested in connection with a $230M crypto theft and laundering scheme
Two young men were arrested in the US connection with a scheme to steal and launder over $230 million in cryptocurrency. Authorities have charged Malone Lam and Jeandiel Serrano with conspiracy to commit wire fraud, theft of cryptocurrency, and money laundering.
Lam, aka ‘Greavys,’ ‘Anne Hathaway,’ and ‘$$$,’ and Serrano, who went by ‘Box,’ ‘VersaceGod,’ and ‘@SkidStar,’ are accused of orchestrating a sophisticated cyber heist on August 18, 2024. According to court documents, the duo and their associates managed to steal over 4,100 Bitcoin, then valued at over $230 million, from a victim in Washington, D.C.
Federal investigators allege that Lam and Serrano used a combination of crypto exchanges and mixing services to launder the stolen assets using techniques such as ‘peel chains’ (a method that splits large transactions into harder-to-trace pieces), and ‘pass-through wallets’ to hide the flaw of the funds.
The suspects reportedly relied on virtual private networks (VPNs) to mask their true locations while conducting transactions.
Cybersecurity Compliance
Prevent data breaches and meet regulatory requirements
The creator of the ‘Skynet ’ Dark Web marketplace gets five years in prison
Simon Kaura, a Nigerian national, was sentenced to five years in US prison without parole for his role in a global conspiracy to sell stolen financial information on the Dark Web.
Kaura, who was extradited from the United Kingdom, pleaded guilty on May 22, 2024, to one count of conspiracy to commit access device fraud and one count of access device fraud. His crimes, according to court findings, resulted in an intended loss of $6.3 million.
Operating under various online aliases, Kaura and his co-conspirators run a Dark Web marketplace named “Skynet” where the stolen data and illegal contraband were traded. It also offered a platform for cybercriminals to communicate and coordinate illicit activities.
Kaura’s sentencing follows that of co-defendant Taylor Ross Staats (aka f9ac4), a Texas resident, who was sentenced to 18 months in prison in January 2024. Staats’s role was to verify whether stolen payment cards were still active before they were sold on the Dark Web. His job was to test and organize the card information for sale.
South Korean police arrest seven linked to a Vietnam-based smishing scam ring
South Korean authorities, in coordination with Vietnamese police, have arrested seven individuals suspected of running a sophisticated smishing ring that allegedly extorted over 10 billion won (approximately $7.5 million) from hundreds of victims.
The seven suspects, including the group’s alleged leader, were apprehended after a months-long investigation led by South Korean authorities in collaboration with their Vietnamese counterparts. According to the National Police Agency (NPA), six of the suspects have been extradited to Vietnam to face charges.
Authorities believe that the smishing group orchestrated a variety of scams involving deceptive messages containing links that, when clicked, installed malware capable of extorting funds from victims’ bank accounts.
The investigation into the smishing ring began in July 2023, after South Korean police received a report of fraud linked to a digital wedding invitation. The case quickly expanded, leading to the arrests of 86 members of the group operating within South Korea.
A teacher arrested for hacking Indonesia’s National Civil Service agency website
A contract teacher from Banyuwangi, identified as Barik Abdul Ghofur, 25, has been arrested for hacking into Indonesia's National Civil Service Agency’s (BKN) website and selling stolen data on the Dark Web. Barik reportedly made an illicit profit of $8,000 (approximately Rp 121 million) from his cybercrime activities.
Barik's actions came to light after he allegedly hacked into the BKN website on August 9, 2024, gaining unauthorized access to sensitive data. Shortly after the breach, he sold the stolen information on the notorious hacker forum Breachforums.
Further investigations revealed that Barik had previously been involved in cyber-attacks on other high-profile targets, such as universities in the United States and private companies in South Africa.
Barik Abdul Ghofur now faces multiple charges. If convicted, he could face a prison sentence of up to 10 years for hacking and data theft.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
