A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds.
Codenamed "HAECHI-II," the crackdown enabled law enforcement units from across 20 countries, as well as Hong Kong and Macao, close 1,660 cases alongside blocking 2,350 bank accounts linked to the fraudulent illicit funds amassed from a range of online financial crimes, such as romance scams, investment fraud, and money laundering associated with illegal online gambling.
"The results of Operation HAECHI-II show that the surge in online financial crime generated by the COVID-19 pandemic shows no signs of waning," said Interpol Secretary General Jürgen Stock in a press statement issued on November 26.
The coordinated law enforcement probe took place over a period of four months, starting from June 2021 until September 2021, with ten new criminal modus operandi identified throughout the course of the operation.
In one instance of a sophisticated business email compromise (BEC) scam, the criminals impersonated the legal representative of an unnamed Colombian textiles company to illegally authorize the transfer of more than $16 million to two Chinese bank accounts. The firm alerted the authorities but not after finding itself defrauded of more than $8 million.
A second case concerned a Slovenian company that was tricked into transferring more than $800,000 to money mule accounts in China. In both the incidents, the money was intercepted and the stolen funds returned.
What's more, in yet another example of how threat actors quickly seize on popular trends for opportunistic exploitation, Interpol also said it uncovered a malware campaign that leveraged the hit South Korean Netflix show Squid Game to distribute a trojan that subscribed victims to paid premium services without their explicit approval.
Cybersecurity firm Proofpoint, late last month, disclosed another phishing attack that involved the cybercrime actor TA575 distributing Dridex malware using Squid Game lures. "The threat actor is purporting to be entities associated with the Netflix global phenomenon using emails enticing targets to get early access to a new season of Squid Game or to become a part of the TV show casting," the researchers noted.
Participating countries in HAECHI-II included Angola, Brunei, Cambodia, Colombia, China, India, Indonesia, Ireland, Japan, Korea (Rep. of), Laos, Malaysia, Maldives, the Philippines, Romania, Singapore, Slovenia, Spain, Thailand, and Vietnam.
The arrests are part of a three-year project to tackle cyber-enabled financial crime, and follow the first wave of the operation — dubbed "HAECHI-I" — conducted between September 2020 and March 2021. The investigation, which involved a subset of the aforementioned countries, saw 585 individuals apprehended and more than 1,600 bank accounts around the world frozen, while also intercepting $83 million in illicit funds transferred from victims to the perpetrators.