Cybercrime service providers arrested in Europe
Posted on 01 October 2013.
The European Cybercrime Centre (EC3) at Europol has supported Spanish National Police in arresting two Ukrainian criminals in Madrid who sold cybercriminals access to a huge number of compromised computer servers for anonymising their Internet activities. They are also suspected of laundering the illicit proceeds of police ransomware.


Operation Ransom II – the second of this kind after one in Málaga (Spain) in February 2013 – was the culmination of an extensive investigation of over a year, corroborating the fact that police ransomware is still a big threat to EU citizens.

On 9 July, Spanish National Police arrested the two criminals and searched their house. One of them was caught red-handed, running virtual machines and chatting with other cybercriminals. Along with numerous electronic devices and digital evidence, around EUR 50,000 in cash and several thousand euros in e-currency were seized during the search.

Their sophisticated money laundering facility was processing around EUR 10,000 daily through various electronic payment systems and virtual currencies.

The 21,000 compromised servers of companies located in 80 countries (1,500 of them in Spain) had a common feature whereby access settings were via a remote desktop (RDP). With this setup, the cybercriminal could access all information contained on the servers, using full administrator privileges for the system, i.e. absolute control.

The criminals ran an online shop where the compromised machines were ‘sold’ to 450 of their cybercriminal ‘customers’ who were able to choose the location (country) of their preferred servers.

This Spanish National Police investigation was supported from the early stages by Europol specialists, who organised and hosted a coordination meeting in April 2013. Europol then facilitated the exchange of criminal intelligence with other EU Member States, delivered analytical reports, and supported the operation on the spot with a mobile office and technical advice.

Europol will receive data on the compromised computers so it can be analysed and distributed to law enforcement authorities, who in turn can notify those server owners affected by the criminals’ activity.

According to Troels Oerting, Head of EC3, the development and sophistication of malware will continue and the threat will remain high. It is important for citizens to understand that they should never pay any ransom.





Spotlight

The context-aware security lifecycle and the cloud

Posted on 25 November 2014.  |  Ofer Wolf, CEO at Sentrix, explains the role of the context-aware security lifecycle and illustrates how the cloud is shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Nov 26th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //