The Europol coordinated an international operation that dismantled a cybercrime ring that was offering services and tools to conceal malware.

The Europol dismantled a cybercrime ring as the result of a joint investigation conducted by Spanish and British law enforcement authorities (The Spanish National Police, the UK’s Regional Cyber Crime Unit for Tackling North West Serious Organised Crime (TITAN)) with the support of partners in the private sector. The activity was coordinated by the Europol Joint Cybercrime Action Taskforce (J-CAT), the law enforcement dismantled a criminal organization involved in the design, development and selling of sophisticated tools to cancel malware to security solutions.

The cybercrime ring developed a tool that was used by crooks worldwide to distribute Remote Access Trojans and key loggers. The criminal gang was offering for sale the tools on hacking forums.

“A joint investigation by Spanish and British law enforcement authorities, coordinated by Europol and its Joint Cybercrime Action Taskforce (J-CAT), has resulted in the dismantling of an international cybercrime group involved in the design, development and selling of sophisticated software tools to render all types of malicious malware  infecting thousands of computers worldwide undetectable by security products.” reads the Press Release published by the Europol.

The European Police identified and arrested 5 individuals, 3 in Spain and 2 in the United Kingdom.

During searches in Spain, the investigators seized 6 hard drives, a laptop, 2 external storage devices, 8 Bitcoin mining devices and many documents.

The role of the Europol was crucial, the organization supported a two-years-long investigation that started at the end of 2015 by providing information exchange, operational coordination, forensic expertise and on-the-spot support.

The operation had two main phases, the first one carried out in the UK in April last year, that resulted in the arrest of two suspects, the second phase, carried out in Spain in April this year that led to 3 arrests.

“To support the actions on the spot, experts from Europol’s European Cybercrime Centre (EC3) were deployed to the UK and Spain. This allowed for real-time intelligence analysis and cross-checks against Europol’s databases, as well as forensic support.” reported the Europol.

According to the investigations, the cybercrime ring has been active since mid-2013, operating a very profitable business.

The experts at the Europol warn of growing use of cybercrime ring of encryption and anonymity services for illegal purposes and concealing their activities.

This phenomenon and other criminal trends were detailed in the Europol’s Internet Organised Crime Threat Assessment (IOCTA) 2016.

“The use of encryption by criminals to protect their communications or stored data represents a considerable challenge for law enforcement, denying access to essential intelligence and evidence. This is a cross-cutting issue that affects all crime areas. The growing regularity of native encryption on mobile devices compounds this problem” states the report.