Pierluigi Paganini June 12, 2015

A joint international operation led to the dismantling of a criminal gang who is behind the Operation Triangle phishing campaign.

A joint effort of Law enforcement from six countries, including Italy, Spain, Poland,Belgium, the U.K., and Georgia, allowed the arrest of 49 suspects fraudsters.

Twenty individuals were arrested in Italy, 10 in Spain, 18 in Poland, and one suspect was arrested in Belgium.

The alleged cyber criminals were involved in a complex phishing scheme dubbed Operation Triangle that allowed cybercriminals to steal more than $6 million.

“Yesterday, a joint international operation led to the dismantling of a group of cybercriminals active in Italy, Spain, Poland, the United Kingdom, Belgium and Georgia, who are suspected of committing financial fraud involving email account intrusions. The operation resulted in the arrest of 49 suspected members of the criminal group” states a press release from Eurojust and Europol.

According the first information related to the criminal organization dismantled, the crew was composed of individuals from Cameroon, Nigeria, and Spain that implemented a phishing campaign (Operation Triangle) to steal data from their victims through man-in-the-middle attacks.

The fraudsters took over email accounts of victims from businesses across Europe, the crooks used social engineering techniques and also malware-based attacks. Once hacked the email accounts of the victims they hijacked the payment to themselves instead of the legitimate individuals. With this tactic, the gang cashed out nearly €6 million by using “sophisticated network of money laundering transactions,” outside the EU.

“The modus operandi used by this criminal group is the so-called man-in-the-middle and involved repeated computer intrusions against medium and large European companies through hacking (malware) and social engineering techniques. Once access to companies’ corporate email accounts was secured, the offenders monitored communications to detect payment requests. The company’s customers were then requested by the cybercriminals to send their payments to bank accounts controlled by the criminal group. ” continues the Europol.

The law enforcement seized laptops, hard disks, tablets, telephones, credit cards and cash, SIM cards, memory sticks, forged documents and bank account documents.

Just a month ago, law enforcement dismantled another organization which was also composed by Nigerian fraudsters that have stolen more thank $3 million via online fraud.

Pierluigi Paganini

(Security Affairs –  Operation Triangle, cybercrime)