Three Nigerians have been arrested for participating in a fraud scheme that fleeced over 50,000 persons in 150 countries, Interpol said on Wednesday.
The suspects are believed to be members of a wider organised crime group “responsible for distributing malware, carrying out phishing campaigns and extensive Business Email Compromise scams.”
Other members of the group are still at large.
The operation that led to their arrest was made possible by a year-long investigation carried out between Interpol, global security company, Group-IB and the Nigeria police force.
Group-IB’s participation in the operation came under Project Gateway, a framework which enables Interpol to cooperate with private partners and receive threat data directly.
“The suspects are alleged to have developed phishing links, domains, and mass mailing campaigns in which they impersonated representatives of organizations,” the Interpol Wednesday statement said. “They then used these campaigns to disseminate 26 malware programmes, spyware and remote access tools, including AgentTesla, Loki, Azorult, Spartan and the nanocore and Remcos Remote Access Trojans.
“These programmes were used to infiltrate and monitor the systems of victim organizations and individuals, before launching scams and syphoning funds. According to Group-IB, the prolific gang is believed to have compromised government and private sector companies in more than 150 countries since 2017.
“Group-IB was also able to establish that the gang is divided into subgroups with a number of individuals still at large. While investigations are still ongoing, some 50,000 targeted victims have been identified so far.”
“This group was running a well-established criminal business model,” Interpol’s cybercrime director, Craig Jones, said.