Search This Blog

Showing posts with label Europol. Show all posts

Fraudsters Pose as Europol Chief in an Attempt to Steal Victims PayPal Account Details

 

The federal police's Computer Crime Unit is looking into an identity fraud case concerning Catherine De Bolle, the executive head of the EU's law enforcement organization Europol. Fraudsters are masquerading as the director of Europol, the European Union's law enforcement organization, to mislead individuals into providing their financial information. 

The European Union Agency for Law Enforcement Cooperation, popularly known as Europol, previously called European Police Office and Europol Drugs Unit, is a law enforcement agency of the European Union (EU) constituted in 1998 to properly manage criminal intelligence and counteract significant global organized crime and terrorism through coexistence among competent authorities of EU member states. The Agency has no executive powers, as well as its personnel, are not authorized to detain suspects or act without prior consent from appropriate authorities in the member states. 

According to the Brussels Times, Belgian police have obtained numerous reports of emails posing to have been from Catherine De Bolle, Europol's executive director. The email badmouths the receiver of child pornography and sex trafficking before allegedly stealing the recipient's PayPal account details. 

Catherine De Bolle took over as Europol's executive director in 2018, following Rob Wainwright, whose tenure ended on May 1, 2018. She was previously the top commissioner of the Belgian federal police (1 March 2012–1 May 2018) as well as the police chief of zone Ninove (2001–2012). 

Europol, which had expressed concerns against this type of scam in April, asked web users not to fall for this fraud once again. 

“Our executive director would never contact members of the public threatening individuals with opening a criminal investigation,” tweeted Europol, which does investigate lots of actual cybercrime. 

The email is written in French and the sender introduces itself to be a COPJ – communication by an officer of the judicial police – and commences as: 

“At the request of Ms. Catherine De Bolle, Commissioner General of the Federal Police, elected to the post of Director of Europol — Brigade for the Protection of Minors (BPM), we are sending you this invitation. […] We are initiating legal proceedings against you for child pornography, pedophilia, exhibitionism, cyber pornography, and sex trafficking.” 

This email sent to individuals intimidates the receiver with criminal prosecution if they do not respond within 72 hours. 

“After this deadline, we will be obliged to send our report to the deputy prosecutor at the high court in Créteil [a suburb of Paris] and a cybercrime specialist to establish an arrest warrant against you.” 

This wasn't the first instance where Director De Bolle's name is being used in a phishing scam. Another fraudulent email claimed her power, and that of her successor as commissioner-general of the federal police, Marc De Mesmaeker, in March of this year. 

Following the FBI's Internet Crime Complaint Center, 12,827 individuals in the United States reported being victims of "government impersonation scams" in 2020, leading to severe losses of about $110 million. 

Whereas on the other hand, Check Point analysts disclosed in April 2020 that perhaps a ransomware gang was incarcerating Android phones, alleging victims of owning sexually explicit material and asserting that their personally identifiable information had been transmitted to an FBI data center.

Among the most high-profile cloning frauds, one came in July 2020, where fraudsters stole over $118,000 in bitcoin by hacking more than 100 famous Twitter accounts, including those of then-Amazon CEO Jeff Bezos and then-Democratic presidential contender Joe Biden.

International Sting Operation Cracks Down Encryption Criminal Groups

In an international sting operation targeting drug suppliers led to an arrest of a man. The suspect's face was blurred by the Australian Federal Police on privacy matters. The criminals while dealing with drug smuggling and money laundering, texted with each other, they were pretty confident that they'd not get caught because of a special encrypted platform the criminals were using for communication. However, the was only one issue with the group, that all these texts, which were in millions, were being tapped by the FBI. 

As a matter of fact, the FBI had sent these Anom devices to the black market. Operation Trojan Shield has these details and allegations revolving around it. It is an international operation led by the FBI which has resulted in more than 800 arrests. NPR says "the document includes transcripts of smugglers' conversations in which they name their prices and handling fees and describe their methods. Many of them also sent snapshots to each other, showing packages of cocaine and other drugs. They discussed strategies, from adding drugs to diplomatic pouches to filling pineapples and tuna cans with cocaine." 

Law enforcement agencies captured around 8 tonnes of cocaine, around 22 tonnes of cannabis, and several other drugs (in tonnes). Besides this, authorities have seized "55 luxury vehicles and over $48 million in various worldwide currencies and cryptocurrencies," says Interpol, a European law enforcement agency. As per the FBI, the agencies worked together to provide these criminal organization that operates all over the world more than 12,000 devices. Europol says it has been one of the largest and sophisticated crackdown operations on encryption criminal activities to date. Using Anom, FBI, and Europol around 300 Transnational Criminal Organizations (TCO). 

These include Italian organized crime group Outlaw Motorcycle gangs and other narcotics source (international), distribution systems, and transportation. "Law enforcement agencies were in a unique position to help the new Anom device find its market. In recent years, they've taken down three similar networks — Phantom Secure, EncroChat and, earlier this year, Sky Global — boosting criminals' demand for a new alternative," said NPR.

SOCTA: Here's a Quick Look into the Report by Europol

 

The Serious Organized Crime Threat Assessment study 2021 by Europol summarises the criminal threat from the last four years and offers insights into what can be expected in the following four years. Organized crime isn't just cybercrime, but cybercrime is now a big component of organized crime. Europol sees the development of businesses, growth in the digital lifestyle, and the rise of remote workers as new vulnerabilities and opportunities for use. 

“Critical infrastructures will continue to be targeted by cybercriminals in the coming years, which poses significant risks,” cautions the published report. “Developments such as the expansion of the Internet of Things (IoT), the increased use of artificial intelligence (AI), applications for biometrics data, or the availability of autonomous vehicles will have a significant impact. These innovations will create criminal opportunities.” 

The interruption of Emotet Botnet in January 2021, with foreign activities organized by Europol, is highlighted in the report. This includes the international efforts concerning the authorities of the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada, and Ukraine. But the overall thought is that cybercrime is growing in sophisticated ways with criminal gangs being increasingly organized due to which the threat is multiplying at a fast rate. However, the Europol report does not comment on the usual cyber threats, apart from the fact that crime syndicates sell it 'as a service more and more. 

ENISA estimates that 230,000 new malware variants are detected each day. Europol shows that the number and sophistication of attacks continue to increase. “The increase in the number of attacks on public institutions and large companies is particularly notable.” Further, the DDoS - Denial of service is an expanding threat, frequently followed by attempts at extortion. Attacks on government and vital resources continue, but criminal groups with lower security protocols increasingly target smaller organizations. 

“Last year saw a multitude of damaging consequences from ransomware, breaches, and targeted attacks against sensitive data,” comments Yaniv Bar-Dayan, CEO and co-founder at Vulcan Cyber. Cyber attackers have taken full advantage of the much more critical vulnerabilities at the detriment of the organizations, ranging from hacks of COVID-19 study data to assaults on critical networks and government agencies. The increase in online child exploits, especially what is recognized as the live distance violence, also occurred as students experienced months at home during school closures. Besides, Europol states that it has a database of over 40 million pictures from around the globe of child sexual abuse. 

Furthermore, there shouldn’t be an underestimation of the involvement of the Dark Web in illegal activities, where criminals use it to share their knowledge on operating security. The usage of the dark web for the selling of illicit drugs and weapons has increased over the past four years, but law enforcement has seemed to have caused some mistrust among consumers and might have cooled down the growth rate in association with online assaults. Sex trafficking (THB) is also carried out on the dark web and surface web pages where labor and sex are the main categories. Europol claims that THB is substantially underreported and states that in the EU, THB is on the rise for labor exploitation. 

Even the complexity of technology has increased with the inception of fraud such as investment fraud, BEC, non-deployment fraud, novelty fraud, fake invoice fraud, social profit fraud, bank fraud, etc. This will probably go on. Also “The use of deep fakes will make it much more challenging to identify and counter fraud,” warns Europol. And the organized crime ecosystem is marked by a networked environment with smooth, systemic, and profitable coordination among criminals.

Emotet - 'Most Dangerous Malware in the World' Disrupted by the Law Enforcement Agencies

 

The European Union Agency for Law Enforcement announced that a global collaboration of law enforcement agencies had disrupted Emotet, what it called the ‘most dangerous malware in the world’.

‘Operation ladybird’ was conducted via a collaboration of private security experts with global law enforcement agencies to disrupt Emotet and take charge of Emotet’s command-and-control infrastructure. While conducting the raid Ukrainian police arrested at least two Ukrainian citizens working for the cybercriminal group.

Ukrainian law enforcement published a video showing officers seizing cash, computer equipment, and rows of gold bars. Neither Europol nor the Ukrainian police has shared the details regarding threat actors or their asserted role in the Emotet group. Ukrainian authorities released a statement explaining that “other members of an international hacker group who used the infrastructure of the Emotet bot network to conduct cyberattacks have also been identified. Measures are being taken to detain them”.

Europol stated that “the Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale”. A malware globally known as Emotet has jeopardized the free-flowing working of the Internet and has grown into one of the biggest botnets across the globe and ruining organizations with data theft and ransomware.

In 2014, Emotet was initially known as a banking trojan, the malware gradually evolved into a powerful weapon used by threat actors across the globe to secure unauthorized access to computer systems. Emotet’s designers known as APT group TA542 shared the malware with other threat actors who used malware to install banking trojans or ransomware, onto a victim’s computer system.

Interpol stated that “the infrastructure that was used by Emotet involved several hundreds of servers located across the world, all of these having different functionalities to manage the computers of the infected victims, to spread to new ones, to serve other criminal groups, and to ultimately make the network more resilient against takedown attempts”.

DarkMarket Taken Down in an international Operation

 

DarkMarket, purportedly the world's biggest dark web marketplace, has been taken down by a Europol-coordinated international operation, as indicated by authorities. Europol upheld the takedown with specialist operational analysis and coordinated the cross-border collaborative effort of the nations.

The Central Criminal Investigation Department in the German city of Oldenburg arrested an Australian resident who is the alleged operator of DarkMarket, close to the German-Danish border over the weekend. The investigation, which was driven by the cybercrime unit of the Koblenz Public Prosecutor's Office, permitted officials to find and close the marketplace, switch off the servers and hold onto the criminal framework – over 20 servers in Moldova and Ukraine upheld by the German Federal Criminal Police Office (BKA). The stored information will give investigators new prompts to further investigate moderators, sellers, and buyers.

Before its closure, DarkMarket facilitated near 500,000 clients and had encouraged more than 320,000 transactions, as indicated by Europol. The dark web marketplace exchanged everything from drugs and counterfeit cash to stolen Mastercard details and malware. As per Europol's estimate, the site exchanged what might be compared to €140 million in today’s money, in a blend of bitcoin and monero. European authorities intend to utilize held onto DarkMarket servers from Ukraine and Moldova to investigate the buyers and dealers who utilized the site for criminal transactions.

DarkMarket's bust was not the first for German authorities, which have discovered illegal platform operators on German soil lately. In 2019, Koblenz prosecutors declared the disclosure of darknet servers facilitated from a previous NATO bunker in a lethargic German town. Authorities state the probe that revealed DarkMarket included a months-in length international law enforcement operation. US agencies like the FBI, DEA narcotics law enforcement division, and IRS tax authority all added to the investigation, alongside police from Australia, Britain, Denmark, Switzerland, Ukraine, and Moldova, with Europol playing a "coordinating role." 

DarkMarket is the most recent dark web marketplace taken down since the Silk Road bust back in 2015 — in recent years, international law enforcement operations had additionally brought down AlphaBay and Wall Street Market, which were likewise used to sell drugs and other illegal products.