Cyber Crime

Europol coordinated operation against international cybercrime ring

Five members of an international cybercrime gang have been arrested as a result of an investigation coordinated by the Europol.

A joint operation conducted by the Europol and the Asian law enforcement allowed to arrest five members of an international organised cybercrime gang focused on cyber attacks on ATMs, three of them have been convicted.

It has been estimated that the group caused to the banks around EUR 3 million losses.

One arrest has been made by the Romanian National Police, three arrests by the Taiwanese Criminal Investigation Bureau and one arrest by the Belarusian Central Office of the Investigative Committee.

The crime organization recruited members online, most of them were citizens of more than one country a strategic choice because allowed the gang to have support in different countries facilitating the travels of the components of the gang.

Crooks were launching spear-phishing attacks aiming to distribute a malware to compromise the internal networks of the banks and gain control over the network of ATMs.

Europol operationEuropol operation

According to the Europol official announcement, the modus operandi employed was very complex and involved:

  • spear-phishing emails with attachments containing malicious programmes,
  • penetration of the banks’ internal networks,
  • compromising and controlling the network of ATMs,
  • special computer programmes which deleted most of the traces of the criminal activity, etc.

Cyber criminals were also able to use the software to delete almost all traces of the criminal activity.

Members of the organised crime gang were recruited online, with most members being citizens of more than one country, something which helped them travel across the globe.

The Europol had a pivot role for the success of the international law enforcement operation.

“The majority of cybercrimes have an international dimension, taking into account the origins of suspects and places where crimes are committed. Only through a coordinated approach at the global level between law enforcement agencies can we successfully track down the criminal networks behind such large-scale frauds and bring them to justice,” says Steve Wilson, Head of Europol’s European Cybercrime Centre (EC3).

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Europol, cybercrime)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting…

6 hours ago

A flaw could allow recovery of the phone number associated with any Google account

A vulnerability could allow recovery of the phone number associated with a Google account by…

11 hours ago

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

Hackers breached Texas DOT (TxDOT), stealing 300,000 crash reports with personal data from its Crash…

22 hours ago

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch…

1 day ago

U.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws…

1 day ago

Mirai botnets exploit Wazuh RCE, Akamai warned

Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai…

1 day ago