Singapore, Taiwan, and U.S. authorities dismantle major malware and dark web operations
The Singapore Police Force (SPF) has extradited two men from Malaysia for allegedly running a mobile malware campaign targeting Singaporeans since June 2023.
These individuals, aged 26 and 47, tricked users into downloading malicious Android apps via phishing campaigns to steal personal and banking data. The stolen information was used for fraudulent transactions, causing financial losses. A seven-month investigation, launched in November 2023 with the Hong Kong Police Force and Royal Malaysia Police, linked the suspects to a syndicate conducting malware-enabled scams. They allegedly operated servers to infect victims’ phones with malicious Android apps (APKs), gaining remote control of the devices to compromise banking accounts.
Group-IB reported that the apps were disguised as offering discounts and contained a remote access trojan (RAT) to capture sensitive data and passwords. The RAT also allowed real-time geolocation tracking and persisted even after device reboots. One suspect faces up to seven years in prison and a $50,000 fine, while the other could face up to 10 years and a $500,000 fine.
In a related operation, Taiwan Police arrested four others involved in similar unauthorized bank transfers. Assets worth $1.33 million, including cryptocurrency and real estate, were seized. The operation, named Operation DISTANTHILL, has apprehended 16 cybercriminals linked to over 4,000 victims.

Separately, the U.S. Justice Department charged Thomas Pavey and Raheim Hamilton with running the dark web marketplace Empire Market, which facilitated over $430 million in illegal trades from February 2018 to August 2020. The marketplace hosted sales of drugs, counterfeit currency, and stolen credit card information, with transactions conducted in cryptocurrency. Investigators seized cash, precious metals, and over $75 million in cryptocurrency.