Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Joint Operation. Show all posts
W3LL Phishing
Cyber Crime FBI Indonesian Police Joint Operation W3LL Phishing

FBI and Indonesian Police Dismantle W3LL Phishing Network in Major Cybercrime Bust

 

In a landmark international operation, the U.S. Federal Bureau of Investigation (FBI) collaborated with the Indonesian National Police to dismantle the W3LL phishing network, a sophisticated cybercrime platform responsible for over $20 million in attempted fraud.Authorities seized critical infrastructure, including key domains, and detained the alleged developer, identified as G.L., marking the first joint U.S.-Indonesia effort to shut down a hacking platform.

The FBI's Atlanta division led the charge, emphasizing that the takedown severs a vital tool cybercriminals used to steal account credentials from thousands of victims worldwide. The W3LL phishing kit, sold for around $500, empowered even low-skilled hackers by providing ready-made templates mimicking legitimate login pages for banks and services like Microsoft 365. This phishing-as-a-service (PhaaS) model allowed attackers to deploy fake sites that harvested credentials, hijacked session cookies, and bypassed multi-factor authentication (MFA) via adversary-in-the-middle (AitM) techniques.

First documented by Group-IB in 2023, W3LL operated through an underground "W3LL Store" serving about 500 threat actors with tools for phishing, business email compromise (BEC), and stolen data sales. Active since 2017, the network's developer previously created spam tools like PunnySender and evolved W3LL into a full-service ecosystem, reselling over 25,000 compromised accounts from 2019 to 2023. Even after the W3LL Store shuttered in 2023, operations persisted via encrypted messaging, rebranding the kit and targeting over 17,000 victims in 2023-2024 alone. French firm Sekoia noted code reuse in other kits like Sneaky 2FA, highlighting W3LL's enduring influence in the cyber underground. 

FBI Atlanta Special Agent in Charge Marlo Graham hailed the bust as a strike against "full-service cybercrime," underscoring ongoing partnerships to protect the public. This operation disrupts a key resource for global fraud, but experts warn that cracked versions and similar kits continue circulating, perpetuating threats.For users in India and Asia, where phishing surges amid rising digital banking, the case spotlights the need for vigilance against PhaaS proliferation. 

As cybersecurity evolves, such takedowns signal stronger global enforcement, yet the low barrier to entry for phishing tools demands proactive defenses like direct URL typing and advanced MFA. This victory reinforces international cooperation's role in combating cybercrime, potentially deterring similar networks while urging organizations to bolster detection.
Read more »
Joint Operation
Cyber Crime cybercrime gang cybercrime syndicate Delhi Police FBI IFSO Interpol Interpol Operation Joint Operation

Delhi Police, FBI & Interpol in a Joint Operation Expose a Cybercrime Syndicate, Arrested Four


In a joint operation, Delhi Police, the Federal Bureau of Investigation (FBI), and Interpol have exposed an international syndicate involved in cybercrime, arresting four individuals involved in the cybercrime gang.

The four members, including the kingpin, were detained for allegedly conning the US nationals of 20 million dollars.

According to a statement provided by a Delhi Police official, the information regarding the cybercrimes was received by their Intelligence Fusion & Strategic Operations (IFSO) unit – which deals with complex cybercrime cases – from the FBI and Interpol. The agencies indicated that “some international cybercriminals, in conspiracy with each other and with the aid and assistance of co-conspirators based in India, the US and Uganda, were running call centers by posing as employees of the US Internal Revenue Service, Social Security Administration, Drug Enforcement Administration, and other US agencies,” said H.G.S. Dhaliwal, Special Commissioner Police (Delhi Police Special Cell).

“We received information that one accused, Parth Armarkar, impersonated a specific living person by the name of Uttam Dhillon. During his career, the real Uttam Dhillon served as the Acting Administrator of the US Drug Enforcement Administration and as the Director of INTERPOL Washington. Armarkar defrauded victims of millions of USD through call centers operating in Uganda, Africa. He is an Indian national and occasionally visits India,” Dhaliwal said.

The accused Armarkar, allegedly defrauded the victims of around $6 million via phony call centers in Uganda. Later, the technical inputs provided by the FBI helped Delhi police arrest the accused from Ahmedabad, India, apparently the place from where he was operating a segment of the syndicate.

Keeping in mind the severity of the situation, the Delhi Police established several teams of IFSO and Counter Intelligence/Special Cell to investigate on the issue.

Armarkar’s arrest was followed by the Delhi police tracking down the alleged leader of the syndicate, Vatsal Mehta. Further investigation led to the arrest of two more accused, Deepak Arora and Prashant Kumar. According to the police, the accused were on the FBI radar for a very long time.

As part of the coordinated action, the FBI has interviewed over 50 victims so far and collected evidence of fraud amounting to more than 20 million USD, which will be produced in court as per procedure. “Two victims from the US have also been examined through video calling by IFSO (Intelligence Fusion & Strategic Operations),” the officials noted.

The First Information Report (FIR) was lodged against the four accused under section 419 (cheating done by impersonation), 420 (cheating), 384 (extortion), 120B (criminal conspiracy), 34 (acts by many in furtherance of common intention) of the Indian Penal Code and sections 66C (identity theft) and 66D (impersonation) of the IT Act.

Read more »
Subscribe to: Posts (Atom)