In 2020, a cyber criminal gang saw three of its main members arrested in Lagos, Nigeria. The three men are thought to have been members of a large organised crime group which had been using cyber crime to siphon funds, targeting up to half a million victims since 2017.
The group used malware and phishing tactics, such as posing as legitimate organisations and sending mass emails and phishing links. Taking advantage of the Covid-19 pandemic, the group also sent emails and enquiries masquerading as Coronavirus assistance schemes. Attacking the public and private sector, data from over 150 companies across Nigeria, Singapore, Japan, the UK and the US has been compromised. On top of phishing tactics, the gang utilised spyware and remote-access trojans (Rats) to further their attacks and gain even more money. The combination of techniques meant that the highly organised and established group was able to gain maximum funds. Their large-scale operation meant that the group was divided into subgroups. Because of this, it is likely that many members of the group are still active in their endeavours, and some of the data obtained may have been sold to other organisations and criminal groups.
The joint efforts of Interpol, Group-IB (cyber security company) and the Nigerian Police Force identified and located group members, resulting in their arrest. This illustrates how collaborative strategies are integral in the catching and convicting of cyber criminals.
Referred to as TMT, this criminal organisation is an example of the substantial damage cyber criminals can inflict. Their ability to impact, gain access to, and generate money from such a large number of companies worldwide demonstrates the scope that cyber attacks offer criminals. On the flip side, the collaborative works of police, cyber security teams and Interpol shows how cyber crime can be effectively caught. While the criminal organisation was large and dangerous, the events do offer hope for a continuance of impressive fights against these criminal acts.