Read also: Swiss, German authorities shut down Cryptomixer crypto-service used to launder €1.3B, four arrested in S.Korea for hacking over 120K IP cameras, and more.

Views: 3.2k Read Time: 4 min.

Phisher Gets 7 Years In Prison For Running “Evil Twin” Airport WiFi Network

Phisher gets 7 years in prison for running “evil twin” airport WiFi network

An Australian man has been sentenced to seven years and four months in prison for orchestrating a sophisticated “evil twin” WiFi scheme that targeted travelers during domestic flights and at major airports across the country. The 44-year-old was arrested in July 2024 after authorities discovered he had been operating rogue wireless networks in Perth, Melbourne, and Adelaide.

The man used a portable “WiFi Pineapple” device to create fake access points that mimicked legitimate airport networks. Unsuspecting travelers who connected were redirected to phishing pages designed to steal their social media login details. According to the Australian Federal Police (AFP), he then accessed women’s accounts to monitor messages and steal private photos and videos. Forensic analysis uncovered thousands of intimate files and records of fraudulent WiFi pages on his devices.

The man attempted to destroy evidence the day after a search warrant was executed, deleting more than 1,700 items from a cloud storage account and unsuccessfully trying to remotely wipe his phone. He also accessed his employer’s laptop without authorization to learn about confidential discussions between the company and police investigators.

Following the investigation, the man pleaded guilty to a string of offenses, including causing unauthorized access to restricted data, attempted data breaches, unauthorized impairment of electronic communications, possessing data for serious criminal use, stealing, failing to comply with a legal order, and attempted destruction of evidence.

Police op shuts down the Cryptomixer service linked to cybercrime

Law enforcement authorities from Switzerland and Germany have dismantled the Cryptomixer cryptocurrency-mixing service, a platform believed to have laundered more than €1.3 billion in Bitcoin since its launch in 2016.

The takedown, conducted between November 24 and November 28 in Zurich under “Operation Olympia,” was supported by Europol and Eurojust. Officers seized three servers, more than 12 terabytes of data, both the clear-web and Tor domains of the service, and €24 million in Bitcoin.

According to Europol, Cryptomixer operated as a hybrid service accessible from both the open internet and the Dark Web. It allowed cybercriminals, including ransomware groups and Dark-Web market vendors, to hide the origins of illicit funds.

In recent years, the crackdown on illegal mixing services has intensified worldwide. In March 2023, German and US authorities took down the unlicensed cryptocurrency mixer ChipMixer, seizing four servers, 7 TB of data, and $46.5 million in Bitcoin.

More recently, the founders of the Samourai Wallet mixer were sentenced in the United States for helping criminals launder over $237 million, while in the UK, a woman, known as “Bitcoin Queen,” received nearly 12 years in prison for laundering cryptocurrency linked to a multi-billion-pound investment scheme. Earlier this year, US prosecutors also indicted three operators of the Blender.io and Sinbad.io mixers, both used by ransomware groups and North Korean cybercriminals.

Four arrested in South Korea for hacking over 120K IP cameras in homes and businesses

South Korean authorities have arrested four people accused of hacking more than 120,000 video cameras installed in homes and businesses, then using the footage to create sexually exploitative videos for an overseas website.

Police said that the suspects allegedly took advantage of weak security protections on Internet Protocol (IP) cameras, including easily guessed passwords. The targeted locations ranged from private residences to karaoke rooms, as well as a pilates studio, and a gynaecologist’s clinic. According to the National Police Agency, the four suspects acted independently and did not conspire with each other.

One suspect is accused of breaching 63,000 cameras and producing 545 illicit videos, which he allegedly sold for 35 million won ($12,235) in virtual assets. Another allegedly hacked 70,000 cameras and sold 648 videos for 18 million won. Police say the two were responsible for roughly 62% of the illegal videos posted over the past year on a website dedicated to distributing hacked camera footage.

Authorities are now working to block and shut down the site, collaborating with international agencies to identify its operator. Three alleged buyers and viewers of the material have also been arrested.

US authorities take down Myanmar scam website spoofing the TickMill trading platform

The US Department of Justice has seized a fraudulent website linked to a major scam compound in Myanmar. The domain (tickmilleas[.]com) was designed to mimic the legitimate forex and commodities trading platform TickMill and was used to steal thousands of dollars from unsuspecting investors.

According to an affidavit, investigators traced the site to the Tai Chang scam compound in Kyaukhat, one of the region’s most notorious hubs for online fraud.

Scammers used the spoofed TickMill site to lure victims into depositing funds, showing fabricated investment returns and fake account deposits to create the illusion of profitable trading. The fake platform also pushed users to download malicious mobile apps.

Despite the domain being registered only in early November 2025, the FBI has already identified multiple victims who sent cryptocurrency to the scammers under the belief they were making legitimate investments, the DOJ said.

In a separate law enforcement action, Thai authorities have seized over $300 million in assets and issued arrest warrants for 42 individuals in a major crackdown on regional online scam networks. Among targeted individuals are Chinese-Cambodian tycoon Chen Zhi, the head of the US-sanctioned Prince Group, and Cambodian nationals Kok An and Yim Leak, allegedly linked to large-scale transnational scam operations.

Get a Demo

ImmuniWeb can help you to prevent data breaches and meet regulatory requirements.

Two brothers accused of destroying US government databases

Two US men were arrested for allegedly participating in a conspiracy to destroy government databases maintained by a federal contractor. Brothers Muneeb and Sohaib Akhter, both 34, were indicted on charges that they conspired to delete databases containing sensitive US government information. Prosecutors say the brothers, both formerly employed as federal contractors, accessed company systems without authorization after their termination and carried out a series of destructive actions.

According to the indictment, Muneeb Akhter allegedly deleted roughly 96 databases containing federal records, including Freedom of Information Act documents and sensitive investigative files. Court filings also state that within a minute of deleting a Department of Homeland Security database, he sought advice from an artificial intelligence tool on how to clear system logs. Prosecutors further allege the brothers discussed “cleaning out” their home to prepare for a potential law enforcement search. Laptops issued by their employer were reportedly wiped before being returned.

Muneeb Akhter has also been accused of accessing US Equal Employment Opportunity Commission systems without authorization after his firing and stealing IRS-related data from a virtual machine, including tax and identifying information belonging to at least 450 individuals. Sohaib Akhter is also charged with trafficking a password that granted access to a government computer.

Muneeb Akhter faces charges including conspiracy to commit computer fraud, computer fraud, theft of government records, and two counts of aggravated identity theft. If convicted, he could face a mandatory minimum of two years for each identity theft count and up to 45 years on the remaining charges. Sohaib Akhter faces up to six years in prison if convicted on his conspiracy and password-trafficking charges.