430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

OP KAERB: Europol dismantled phishing scheme targeting mobile users

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform. The organization operated a phishing-as-a-service (PhaaS) platform called iServer, which had over […]

phishing scheme op KAERB

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users.

Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform.

The organization operated a phishing-as-a-service (PhaaS) platform called iServer, which had over 2,000 registered users.Crooks targeted at owners of mobile devices that were attempting to regain access to their phones and were phished in the process.

“Europol has supported European and Latin American authorities in dismantling an international criminal network engaged in unlocking stolen or lost mobile phones through a phishing platform.” reads the press release published by Europol.

Law enforcement and judiciary authorities from Spain, Argentina, Chile, Colombia, Ecuador and Peru took part in the operation.

phishing scheme op KAERB

According to Europol, there were 483 000 victims worldwide, mainly Spanish-speaking nationals from European, North American and South American countries.

The law enforcement operation, code named called “KAERB,” was conducted between 10 and 17 September and resulted in 17 arrests. The police performed 28 searches and seized 921 electronic devices, including mobile phones, vehicles and weapons.

“The illicit activity of the criminal structure dedicated to Crime as Service began with the theft of telephone terminals, which they unlocked using combined and simultaneous phishing, smishing and vishing techniques with which they obtained the access credentials to the device from their victims in order to take over their digital life.” reported the Spanish police. “The computer platform they used is estimated to have unlocked 1,300,000 stolen high-end telephone devices.”

The criminal ring created and marketed an online service to unlock stolen high-end mobile phones. The gang relied on over 5,300 fake websites to imitate real phone company pages, sending SMS messages to victims whose phones had been stolen. According to the Spanish police, the criminal network unlocked approximately 1.3 million devices, including 30,000 in Spain. The criminals profiled victims using their stolen personal belongings and OSINT techniques to obtain phone numbers for targeted smishing and vishing attacks. Victims were tricked into entering unlock codes on fraudulent websites, believing they could recover their stolen devices, but the codes were collected and used by the criminals.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, phishing scheme)