InterPol has apprehended three Nigerians for alleged involvement in a cyber-scam targeting governments and private firms in over 150 countries.
They were said to be part of a criminal organisation that allegedly compromised thousands of government and private companies across the world.
Interpol in a statement on its website, on Wednesday, said the arrest was carried out by a joint operation of the Interpol, a cybersecurity company, Group-IB, and the Nigeria Police Force, tagged ‘Operation Falcon.’
Interpol said that the modus operandi of the suspects’ mode of operation include the gang focussing on mass email phishing campaigns distributing popular malware strains under the guise of purchasing orders, product inquiries, and even COVID-19 aid while impersonating legitimate companies.
According to the statement, “The suspects are alleged to have developed phishing links, domains, and mass mailing campaigns in which they impersonated representatives of organisations.
“They, then, used these campaigns to disseminate 26 malware programmes, spyware, and remote access tools, including AgentTesla, Loki, Azorult, Spartan, and the nanocore and Remcos Remote Access Trojans.
“These programmes were used to infiltrate and monitor the systems of victim organisations and individuals, before launching scams and syphoning funds.
“According to Group-IB, the prolific gang is believed to have compromised government and private sector companies in more than 150 countries since 2017.”
Interpol’s cybercrime director, Craig Jones was quoted as saying that the public-private relationships are important in disrupting virtual crimes, stressing that “cooperation in investigation will upset well-established criminal business models.”
Based on the infrastructure that the attackers used and their techniques, Interpol disclosed that Group-IB was also able to establish that the gang was divided into subgroups with a number of individuals still at large.
“The findings on other suspected gang members, whom Group-IB was able to track down, have been shared with Interpol’s Cybercrime Directorate. The investigation continues,” it added.