A hunt is on for e-commerce scammers

An INTERPOL operation against a strain of malware targeting e-commerce websites has identified hundreds of compromised websites and led to the arrest of three individuals in Indonesia.

An INTERPOL-coordinated cyber operation against a strain of malware targeting e-commerce websites has identified hundreds of compromised websites and led to the arrest of three individuals running the malicious campaign in Indonesia. 

The malware, known as a JavaScript-sniffer, targets online shopping websites. When a website is infected, the malware steals the customers’ payment card details and personal data such as names, addresses and phone numbers, sending the information to Command and Control (C2) servers controlled by the cybercriminals.

At the request of the Indonesian National Police, INTERPOL’s ASEAN Cyber Capability Desk provided technical and operational support that resulted in the arrest of three individuals suspected of commanding the C2 servers in the country. The investigation revealed the suspects were using the stolen payment card details to purchase electronic good and other luxury items, then reselling them for a profit.

Data provided to INTERPOL through a partnership with cybersecurity firm Group-IB on the scope and range of this malware helped identify hundreds of infected e-commerce websites worldwide. Group-IB also supported the investigation with digital forensics expertise helping to identify the suspects.

Under Operation Night Fury, INTERPOL’s ASEAN Desk disseminated Cyber Activity Reports to the affected countries, highlighting the threat to support their national investigations. In particular, the intelligence detected C2 servers and infected websites located in six countries in the ASEAN region.

“Strong and effective partnerships between police and the cybersecurity industry are essential to ensure law enforcement worldwide has access to the information they need to address the scale and complexity of today’s cyber threat landscape,” said Craig Jones, INTERPOL’s Director of Cybercrime.

“This successful operation is just one example of how law enforcement is working with industry partners, adapting and applying new technologies to aid investigations, and ultimately reduce the global impact of cybercrime,” concluded Jones.

In Singapore, authorities identified and took down two of the C2 servers. Investigations in other ASEAN countries are ongoing, with INTERPOL continuing to support police in locating C2 servers and infected websites and identifying the cybercriminals involved.

Make seafaring great again

Make seafaring great again

An overwhelming 80 percent of global goods are transported by ships and this fact places the maritime industry at the

The best maritime news and insights delivered to you.

subscribe maritime fairtrade

Here's what you can expect from us:

  • Event offers and discounts
  • News & key insights of the maritime industry
  • Expert analysis and opinions on corruption and more