Hacker Group ‘InfinityBlack’ taken down

Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, have taken down ‘InfinityBlack’, a hacker group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud. The hackers created online platforms to sell user login credentials known as ‘combos’. The group was organised into three teams:

  • Developers created tools to test the quality of the stolen databases
  • Testers analysed the suitability of authorisation data.
  • Project managers then distributed subscriptions against cryptocurrency payments.

The hacker group’s main source of revenue came from stealing loyalty scheme login credentials and then selling them on to other, less technical, criminal gangs. These gangs would then exchange the loyalty points for expensive electronic devices.

The hackers created a sophisticated script to gain access to a large number of Swiss customer accounts. Although the losses are estimated at €50,000, the hackers had access to accounts with potential losses of more than €610,000. Fraudsters were spotted when using the stolen data in shops in Switzerland.

Effective Cross-Border Cooperation resulted in arrests

hacker group equipmentOn 29th April 2020, the Polish National Police searched six locations in five Polish regions and arrested five individuals believed to be members of the hacker group. Police seized electronic equipment, external hard drives and hardware cryptocurrency wallets, all worth around €100,000.  Two platforms with databases containing over 170 million entries were closed down by the police.

Between 30th April and 2nd May 2019, five arrests were made in the Swiss canton of Vaud.  This was as a result of investigative measures taken by specialists from the Cyber Investigation Division (DEC) of the Vaud Cantonal Police.  Once the criminal gang cashing out the loyalty points was identified in Switzerland, police exchanged criminal intelligence and uncovered links to members of the separate hacking group in Poland.

Europol enabled close cooperation between cyber units in Poland and Switzerland through the dedicated network of cyber liaison officers (J-CAT) hosted at Europol’s headquarters. Europol also supported the operation by facilitating information exchange and providing technical and analytical support. Eurojust facilitated the transmission of information between the Public Prosecutor’s Offices in Switzerland and Poland.

Investment fraud gang taken down in Bulgaria and Serbia

Investment fraudA large criminal network involved in investment fraud, money laundering and social engineering was taken down in an international investigation, launched one year ago. The action day, which took place in Belgrade and Sofia, went ahead on 2 April despite the current lockdown.

Estimated total losses were €80 million and the fraud affected over 1,000 victims in Germany and Austria, as well as people in other countries.  In Austria  it is estimated that 850 victims lost around €2.2 million, while in Germany hundreds of victims suffered estimated losses of about €10 million.

The suspects, believed to be members of a large criminal network, offered bogus investments in trading products such as binary options and contract for differences (CFDs) on online trading platforms.  The investments started at around €250 and Agents from call centres in Bulgaria and Serbia then manipulated the victims to make much higher investments in non-existent trading products including CFDs and forex (foreign exchange currency market).

During the action day Law enforcement authorities from Bulgaria and Serbia carried out 11 house searches and arrested 9 individuals (5 in Serbia and 4 in Bulgaria). Two of the leaders of the criminal network were arrested in Sofia. The seizures include five properties in Serbia, €2.5 million from a bank account in Germany, electronic equipment and other evidential material. 30 other bank accounts were put under surveillance.  

Advisory Group on Financial ServicesEuropol and Eurojust supported the investment fraud investigation, which involved law enforcement and judicial authorities from Austria, Bulgaria, Germany and Serbia.  

Europol facilitated information exchange and provided analytical support, cross-checking operational information in real-time against its databases to provide leads to investigators in the field, and a Joint Investigation Team between Austria and Germany was set up by Eurojust to coordinate judicial matters.

EAST and Europol have worked together since 2004 and EAST provides secure platforms for public/private sector cooperation in the fight against organised criminal groups engaged in financial crime.  Click here for more information on EAST’s law enforcement relationships.

The EAST Payments Task Force (EPTF) has a specific focus on tackling social enginnering  This Group, which meets twice a year, adds value to the payments industry by using the unique and extensive EAST National Member platform and Associate Member network to provide information and outputs that are not currently available elsewhere.

European Money Mule Action (EMMA 5) leads to 228 Arrests

The 5th European Money Mule Action (EMMA 5) resulted in 228 arrests.  3833 money mules were identified alongside 386 money mule recruiters. 1025 criminal investigations were opened, many of them still ongoing.  Money mule schemes rope in victims who are often unaware that the money they are sending is part of an elaborate money laundering scheme.

EMMA 5, which ran from September to November 2019, was driven by Law enforcement authorities from 31 countries, supported by Europol and Eurojust.  Supported by the European Banking Federation (EBF), over 650 banks, 17 bank associations and other financial institutions helped to report 7520 fraudulent money mule transactions, preventing a total loss of €12.9 million.

Europol and Eurojust organised various operational and coordination meetings in The Hague to discuss the unique approach of each Member State to tackle money muling in their respective country. During the three-month action, Europol supported the operations by assisting the national authorities with cross-checks against Europol’s databases and intelligence gathering for further analysis, while Eurojust contributed to the swift forwarding and facilitation of the execution of European Investigation Orders.

WHAT ARE MONEY MULES?

Money mules, unlike their drug-trade counterparts, are not shuffling illicit goods over a physical border. Instead, they take part – often unknowingly – in money laundering activities by receiving and transferring illegally obtained money between bank accounts and/or countries. Recruiters of money mules are coming up with ingenious ways to lure in their candidates. This year, cases involving romance scams were reported on the rise, with criminals increasingly recruiting money mules on online dating sites, grooming their victims over time to convince them to open bank accounts under the guise of sending or receiving funds. Criminals are also more and more turning to social media to recruit new accomplices through get-rich-quick online advertisements. This technique is particularly popular when it comes to targeting students and young adults.

DON’T BE A MULE!

Even if money mules act unwittingly, they are committing a crime. Law enforcement will turn first to whoever’s name features on the bank account, and the legal consequences can be severe. Depending on the country’s legal framework, mules may face lengthy imprisonments and acquire a criminal record that could seriously affect the rest of their lives, such as never being able to secure a mortgage or open a bank account.

Raising awareness of the issue is vital and the Europol website provides key information on Money Muling and how to prevent it.  The Europe-wide money muling awareness campaign #DontbeaMule started yesterday. With awareness-raising material, available for download in 25 languages, the campaign informs the public about how these criminals operate, how they can protect themselves and what to do if they become a victim.

Following on from EMMA 5, and for the next week, international partners from law enforcement and judicial authorities, together with financial institutions, will be supporting the campaign at national level.

Do you think you might be used as a mule? Act now before it is too late: stop transferring money and notify your bank and your national police immediately.


The EAST Payments Task Force (EPTF) provides a public/private sector platform which focusses on raising awareness of payment crime issues and related factors such as money muling.

 

Cybercrime – Trends and Challenges

cybercrimeAs technology continues to take over our lives, and digitalisation gathers pace, cybercrime is also growing. Europol and Eurojust have published a third joint report identifying and categorising the current developments and common challenges in combating cybercrime, which fall into five different areas.

  • Loss of data: electronic data is the key to successful investigations in all the cybercrime areas, but the possibilities to obtain such data have been significantly limited.
  • Loss of location: recent trends have led to a situation in which law enforcement may no longer establish the physical location of the perpetrator, the criminal infrastructure or electronic evidence.
  • Challenges associated with national legal frameworks: the differences in domestic legal frameworks in EU Member States often prove to be serious impediments to international cybercrime investigations.
  • Obstacles to international cooperation: in an international context, no common legal framework exists for the expedited sharing of evidence (as does exist for the preservation of evidence). There is also a clear need for a better mechanism for cross-border communication and the swift exchange of information.
  • Challenges of public-private partnerships: cooperation with the private sector is vital for combating cybercrime, yet no standardised rules of engagement are in place, and investigations can thus be hampered.

Both the EAST Payments Task Force (EPTF) and the EAST Expert Group on All Terminal Fraud (EGAF) cover cybercrime and its impact on payments and terminals. Both are public-private sector platforms where experts come together to focus on such issues.  EAST National Members also share cybercrime related information with each other, and through the EAST platform, with law enforcement agencies across the world.

Europol helps to dismantle Payment Card Fraud network

A successful operation that took down an international payment card fraud network was carried out by the Public Prosecution Office at the Audiencia Nacional and National Police of Spain, and the General Directorate Combating Organized Crime in Bulgaria, with the support of Eurojust and Europol’s European Cybercrime Centre (EC3).

As a result of the cross-border action, 31 suspects were arrested (21 in Spain, 9 in Bulgaria and one in the Czech Republic) and 48 house searches (14 in Spain and 34 in Bulgaria) were carried out. The suspects were in possession of equipment used to forge payment cards, payment card data readers-recorders, skimmers, micro cameras, devices to manipulate ATMs, as well as cash and numerous counterfeit cards.

Between 2014 and 2017, the criminal network installed skimming devices on an average of 400 ATMs every year, to copy and clone the data contained on the bank cards. The forged cards were then used to make illegal transactions in 200 ATMs outside the European Union, mainly in the USA, the Dominican Republic, Malaysia, Indonesia, Vietnam, Peru, the Philippines and Costa Rica. Approximately 3,000 EU citizens were affected by the criminal network, with losses of at least EUR 500,000.

For more information visit Europol’s website.

Money Mule Arrests in Europe-wide Action

money_mule

From 22  to 26 February 2016, law enforcement agencies and judicial bodies from Belgium, Denmark, Greece, the Netherlands, the United Kingdom, Romania, Spain and Portugal – with further support from Moldova and other countries – joined forces in the first coordinated European action against money muling.  The operation was also supported by Europol, Eurojust and the European Banking Federation (EBF).

Money mules are individuals recruited by criminal organisations to receive and transfer illegally obtained money between bank accounts and/or countries.  Through the money mules, the criminals gain access to the stolen goods or funds without revealing their identity. These fraudulent schemes are often advertised through online postings and social media as seemingly legitimate job opportunities.

During the week, Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT), together with Eurojust and the EBF, provided operational and analytical support to the involved partners.  As a result of the operation, nearly 700 money mules were identified across Europe and 81 individuals were arrested after 198 suspects were interviewed by law enforcement agencies.   With the support of over 70 banks, significant financial losses were discovered and prevented, and over 900 victims of this crime were identified. More than 90% of the reported money mule transactions were linked to cybercrime (typically the illegal funds come from phishing, malware attacks, on-line shopping/e-Commerce fraud, payment card fraud, sophisticated Nigerian on-line fraud, and others).

The European Money Mule Action (EMMA) is a pilot operational project under the flag of EMPACT Cybercrime Payment Fraud Operational Action Plan, designed to combat online and payment card fraud. EMMA is modelled after a Dutch example successfully employed in recent years in the Netherlands. This action builds upon the effective partnership between the police, the prosecution and the banking sector at the national as well as the international level.