Interpol, the world's largest international police organization, announced the capture of a suspected mastermind behind the high-profile cybercrime syndicate known as OPERA1ER. The arrest took place in Côte d'Ivoire in early June as part of a global effort dubbed Operation Nervone.
For the last four years, OPERA1ER, also known by monikers such as NX$M$, DESKTOP Group and Common Raven, has wreaked havoc on the international banking scene, inflicting an estimated loss of $30 million on more than 30 banks and financial institutions in 15 countries. The gang was particularly active in Africa, Asia and Latin America.
BEC scams, phishing campaigns and malware formed the triad of attack methods favored by OPERA1ER. The hackers initially sent emails to staffers of their target organizations. Those who interacted with these deceptive communications inadvertently permitted keyloggers, password stealers and backdoors on their devices, compromising internal systems and networks.
The crooks leveraged stolen credentials to gain administrative privileges on Windows domain controllers and backend applications of banks. They also compromised SWIFT messaging clients—a key communication tool banks and financial organizations use to relay transaction details.
The criminals used notorious hacking tools such as Cobalt Strike and Metasploit to gain persistence on the infiltrated systems. They often remained undetected for 3 to 12 months while they discreetly transferred funds between accounts.
Towards the end of the operation, the gang hired accomplices to withdraw the laundered money from ATMs, obscuring their digital tracks.
Operation Nervone, led by Interpol, has worked tirelessly to bring the cybercrime syndicate to justice. This arrest, marking a significant breakthrough, resulted from a collective endeavor by international law enforcement agencies, cybersecurity experts and French telecom giant Orange.
"Operation Nervone is a testament to what we can achieve through international collaboration and intelligence sharing," says INTERPOL's Assistant Director of Cybercrime Operations Bernardo Pillot. "This successful operation marks a significant step in our ongoing mission to dismantle organized cybercrime networks, showcasing the power of collective action in stemming the tide against cybercrime."
Authorities hope this arrest will disrupt operations of the cybercrime gang and provide valuable information for further investigations into the world of international cybercrime. The mission to bring the rest of the gang to justice continues.
This arrest is a reminder that the digital landscape can be as perilous as it is promising. As global connectivity increases, so does the importance of strong cybersecurity measures in protecting personal and corporate data.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsNovember 14, 2024
September 06, 2024