Police have announced the arrest of a suspected key figure in a large cybercriminal group that stole at least $11 million from banks and telecom companies over four years.
Interpol announced yesterday that it was working with Ivory Coast authorities, along with Afripor, Group IB and the Orange-CERT Coordination Center (Orange-CERT-CC), to carry out the arrests as part of Operation Nelbone.
Additional information was apparently provided by cybersecurity researchers at the US Secret Intelligence Service’s Criminal Investigations Division and the Booz Allen Hamilton Darklab.
According to Interpol, the group in question OPERA1ER (aka NX$M$, DESKTOP Group, Common Raven) may have actually stolen up to $30 million in dozens of attacks across 15 countries in Africa, Asia and Latin America. It is said that there is a sexuality.
Read more about OPERA1ER: Threat actor ‘OPERA1ER’ steals millions of dollars from banks and telecommunications companies.
It was first discovered by Group-IB in 2018 after a threat intelligence firm discovered spear phishing emails containing remote access Trojans (RATs) and other malware such as password sniffers and dumps.
according to reports Information security Subsequent access to the victim organization last year allowed the gang to collect and study emails and internal documents for use in future phishing attacks.
This intelligence has also made it possible to understand the complex digital payment platforms used by victim organizations, according to a Group-IB report published last year.
The attackers used this knowledge, along with stolen credentials from employees, to move funds through the organization and ultimately to “subscriber” accounts under their control.
The group then cashed the funds through an ATM. That includes cashing out through a network of over 400 subscriber accounts managed by a money mule that was recruited a few months ago.
Group-IB CEO Dmitry Volkov said, “Attempts to investigate advanced threat actors like OPERA1ER, which stole millions of dollars from financial services companies and telecom providers around the world, involve public and private sector organizations. We need a highly coordinated effort in
“The success of Operation Narborn demonstrates the importance of threat data exchange. Thanks to our collaboration with INTERPOL, Orange-CERT-CC, and our private and public sector partners, we are working together to bring the whole puzzle together. was able to assemble the
