An INTERPOL-coordinated cyber operation against a strain of malware targeting e-commerce websites has identified hundreds of compromised websites and led to the arrest of three individuals running the malicious campaign in Indonesia. 

The malware, known as a JavaScript-sniffer, targets online shopping websites. When a website is infected, the malware steals the customers’ payment card details and personal data such as names, addresses and phone numbers, sending the information to Command and Control (C2) servers controlled by the cybercriminals.

At the request of the Indonesian National Police, INTERPOL’s ASEAN Cyber Capability Desk provided technical and operational support that resulted in the arrest of three individuals suspected of commanding the C2 servers in the country. The investigation revealed the suspects were using the stolen payment card details to purchase electronic goods and other luxury items, then reselling them for a profit.

Data provided to INTERPOL through a partnership with cybersecurity firm Group-IB on the scope and range of this malware helped identify hundreds of infected e-commerce websites worldwide. Group-IB also supported the investigation with digital forensics expertise, helping to identify the suspects.

Under Operation Night Fury, INTERPOL’s ASEAN Desk disseminated Cyber Activity Reports to the affected countries, highlighting the threat to support their national investigations. In particular, the intelligence detected C2 servers and infected websites located in six countries in the ASEAN region.

“Strong and effective partnerships between police and the cybersecurity industry are essential to ensure law enforcement worldwide has access to the information they need to address the scale and complexity of today’s cyber threat landscape,” said Craig Jones, INTERPOL’s Director of Cybercrime.

“This successful operation is just one example of how law enforcement is working with industry partners, adapting and applying new technologies to aid investigations, and ultimately reduce the global impact of cybercrime,” concluded Jones.

In Singapore, authorities identified and took down two of the C2 servers. Investigations in other ASEAN countries are ongoing, with INTERPOL continuing to support police in locating C2 servers and infected websites and identifying the cybercriminals involved.
