How Interpol arrested a thousand scammers’ gang that operated from different countries and stole millions from thousands of people

An operation coordinated by Interpol led to the arrest of 1,000 individuals allegedly involved in multiple cybercriminal operations, including banking fraud, romance scams, and money laundering and illegal betting platforms. The so-called Operation HAEICHI-II took place between June and September of this year and had the collaboration of the authorities of more than 20 countries in Africa, Asia and Europe.

In addition to the arrests, authorities managed to seize nearly $30 million USD and freeze more than 2,500 bank accounts operated by that criminal network. According to Interpol, hackers were deploying at least 10 new modes of cybercriminal operation, demonstrating their great sophistication and advanced capabilities.

One of the operations that proved most prolific for cybercriminals was a business email engagement campaign in which they deceived the staff of a textile company based in Colombia; Posing as members of a law firm, the hackers demanded a payment of $16 million USD, which was covered in two separate transfers.

In addition to the aforementioned attack variants, hackers also tried with phishing campaigns, taking advantage of popular themes such as “The Squid Game”, the most popular Netflix nowadays. By developing alleged mobile games related to the series, hackers created Trojanized apps to access thousands of affected smartphones.

Once installed on the compromised devices, these malicious apps initiated communications with an attacker-controlled server to subscribe affected users to Premium SMS services without their consent, generating substantial gains considering the number of infected users.

Operation HAEICHI-II is the continuation of HAEICHI-I, one of the most important efforts coordinated by Interpol to combat cybercriminal activity. The first of these operations took place between September 2020 and March 2021, involving more than 40 agents deployed across Asia, who worked to achieve some 500 arrests.

HAEICHI-I allowed to seize more than $80 million USD and freeze more than 1,500 accounts belonging to various groups of fraudsters, in addition to setting the precedent for the deployment of the second version of this operation.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.