On the 15th of October, a Europol sting operation led by Portuguese law enforcement with some help from the US Department of Justice resulted in over 40 warrants and subsequent arrests.
Assets were seized, however, at the moment the exact sum has not been confirmed by the law enforcement agencies of the countries involved. Computers used for the operations and other hardware — including cryptocurrency mining rigs in Bulgaria — have also been seized.
In the wake of the operation that saw cooperation between 14 countries, an arrest has also been made on Australian soil. At the moment, however, there are no additional details pertaining to the arrest, due to privacy laws.
The sting operation — named Operation 2BaGoldMule — was carried out on members of the QQAAZZ cybercrime group.
Comprised of several layers of members mainly operating out of Latvia, Georgia, Bulgaria, Romania, the UK, Spain, and Belgium, the QQAAZZ network ran and maintained hundreds of corporate and personal bank accounts — as well as crypto wallets — from all over the world to receive money from cybercriminals who gained the funds from illicit activities, whether through classic theft, identity theft or scamming.
The funds were then bounced around through the QQAAZZ-controlled account network and sometimes converted to cryptocurrency using ‘tumbling’ services in order to launder the illicit funds — before returning the now clean funds to the thieves, minus a fee of up to 50%.
QQAAZZ advertised themselves as a “global, complicit bank drops service” on Russian hacking where cybercriminals, hackers, and networkers would gather to offer their skills — or find the right person for an online heist. The teams behind some of the world’s most harmful malware in recent years — such as Dridex, Trickbot, and GozNym — are some of QQAAZZ’s many clients.
Edvardas Šileris — the Head of Europol’s European Cybercrime Centre — stated that the 2BaGoldMule operation was just one of many examples of how a coordinated response from strategic partners worldwide can stop millions from being stolen by bad actors.
“Cybercriminals are constantly exploring new possibilities to abuse technology and financial frameworks to victimize millions of users in a moment from anywhere in the world. Today’s operation shows how through a proper law enforcement international coordination we can turn the table on these criminals and bring them to justice.”
The first exact charges should be confirmed in the near future by the United States Attorney Office for the Western District of Pennsylvania.