An INTERPOL-coordinated cyber operation against a strain of malware targeting e-commerce websites has identified hundreds of compromised websites and led to the arrest of three individuals running the malicious campaign in Indonesia. 

The malware, known as a JavaScript-sniffer, targets online shopping websites. When a website is infected, the malware steals the customers’ payment card details and personal data such as names, addresses and phone numbers, sending the information to Command and Control (C2) servers controlled by the cybercriminals.

At the request of the Indonesian National Police, INTERPOL’s ASEAN Cyber Capability Desk provided technical and operational support that resulted in the arrest of three individuals suspected of commanding the C2 servers in the country. The investigation revealed the suspects were using the stolen payment card details to purchase electronic goods and other luxury items, then reselling them for a profit.

Data provided to INTERPOL through a partnership with cybersecurity firm Group-IB on the scope and range of this malware helped identify hundreds of infected e-commerce websites worldwide. Group-IB also supported the investigation with digital forensics expertise helping to identify the suspects.

Under Operation Night Fury, INTERPOL’s ASEAN Desk disseminated Cyber Activity Reports to the affected countries, highlighting the threat to support their national investigations. In particular, the intelligence detected C2 servers and infected websites located in six countries in the ASEAN region.

“Strong and effective partnerships between police and the cybersecurity industry are essential to ensure law enforcement worldwide has access to the information they need to address the scale and complexity of today’s cyber threat landscape,” said Craig Jones, INTERPOL’s Director of Cybercrime.

“This successful operation is just one example of how law enforcement is working with industry partners, adapting and applying new technologies to aid investigations, and ultimately reduce the global impact of cybercrime,” concluded Jones.

In Singapore, authorities identified and took down two of the C2 servers. Investigations in other ASEAN countries are ongoing, with INTERPOL continuing to support police in locating C2 servers and infected websites and identifying the cybercriminals involved.
