A giant phishing network that victimized hundreds of thousands has been shut down in Spain and Latin America, resulting in multiple searches and seized items.
Imagine getting your phone stolen and later discovering that thieves have harvested your personal, financial, or security information.
But what if your data wasn’t stolen by the initial thieves? Instead, it was taken by an organization that promised the criminal who stole your device that the phone could be unlocked.
You then find out that you’re simply a pawn within a larger cybercrime ecosystem that capitalizes on thieves' potential ignorance to harvest your personal information.
You then discover that you’re not the only one. Instead, you’re one in almost 500,000.
In a joint operation known as “Operation Kaerb” between Europol and the Specialized Cybercrime Center or Ameripol,” a phishing network that claimed 483,000 victims has been shut down.
Group-IB, which builds cybersecurity technologies to help prevent cybercrime, identified the cybercrime network in question and sent this information to Europol.
The network, known as iServer, was a phishing-as-a-service platform used predominantly by Spanish-speaking criminals in North and South America. However, this later expanded to parts of Europe and other regions of the world, Group-IB said.
The automated phishing site focused on stealing credentials to unlock stolen devices.
According to Group-IB, iServer allowed “low-skilled criminals, known as “unlockers,” to steal device passwords, user credentials from cloud-based mobile platforms, and other personal information from victims.” This then enabled criminals to bypass “Lost Mode” on the device and unlock the phone illegally.
The mastermind behind this scheme was an Argentinian national who was responsible for developing and running phishing services since 2018.
Over the five-year period, the man provided a phishing-as-a-service platform that allowed criminals to unlock mobile phones. He sold access to his website and set additional fees for phishing services – SMS, email, or call phishing services were offered.
These services would be used by criminals, otherwise known as “unlockers,” which allowed them to access stolen devices.
Over the years, 2,000 unlockers participated in the scheme and the phishing network unlocked over 1.2 million phones.
Throughout the operation, 28 searches were conducted, and 921 items were seized, which resulted in the arrests of 17 individuals.
Your email address will not be published. Required fields are markedmarked