An Interpol-coordinated cyber operation against a strain of malware targeting e-commerce Web sites has identified hundreds of compromised Web sites.
The operation led to the arrest of three individuals running the malicious campaign in Indonesia. Interpol did not disclose the names of the affected Web sites.
The malware, known as a JavaScript-sniffer, targets online shopping Web sites. According to Interpol, when a Web site is infected, the malware steals customers’ payment card details and personal data such as names, addresses and phone numbers, sending the information to command and control (C2) servers controlled by the cyber criminals.
Data provided to Interpol through a partnership with cyber security firm Group-IB on the scope and range of this malware helped identify hundreds of infected e-commerce Web sites worldwide.
Group-IB also supported the investigation with digital forensics expertise, helping to identify the suspects.
Under Operation Night Fury, Interpol’s ASEAN Cyber Capability Desk disseminated cyber activity reports to the affected countries, highlighting the threat to support their national investigations.
In particular, the intelligence detected C2 servers and infected Web sites located in six countries in the Association of Southeast Asian Nations (ASEAN) region.
At the request of the Indonesian National Police, the ASEAN Desk provided technical and operational support that resulted in the arrest of three individuals suspected of commanding the C2 servers in the country.
The investigation revealed the suspects were using the stolen payment card details to purchase electronic goods and other luxury items, then reselling them for a profit.
“Strong and effective partnerships between police and the cyber security industry are essential to ensure law enforcement worldwide has access to the information they need to address the scale and complexity of today’s cyber threat landscape,” says Craig Jones, Interpol’s director of cyber crime.
“This successful operation is just one example of how law enforcement is working with industry partners, adapting and applying new technologies to aid investigations, and ultimately reduce the global impact of cyber crime,” says Jones.
Share