INTERPOL Nabs Hacking Crew OPERA1ER’s Chief Behind $11 Million Cybercrime

by crpt os


Jul 06, 2023 | Ravie Lakshmanan | Cyber Crime / Hacking

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced.

“The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million — in more than 30 attacks across 15 countries in Africa, Asia, and Latin America,” the agency said.

The arrest was made by authorities in Côte d’Ivoire early last month. Additional insight was provided by the U.S. Secret Service’s Criminal Investigative Division and Booz Allen Hamilton DarkLabs.

The financially motivated collective is also known by the aliases Common Raven, DESKTOP-GROUP, and NX$M$. Its modus operandi was first exposed by Group-IB and Orange CERT Coordination Center (Orange-CERT-CC) in November 2022, when they detailed its intrusions against banks, financial services, and telecom companies between March 2018 and October 2022.

Earlier this January, Broadcom’s Symantec said it uncovered a set of targeted attacks against the financial sector in Francophone countries located in Africa from at least July 2022 to September 2022. The company said the activity, which it tracks as Bluebottle, has a degree of crossover with OPERA1ER.

Attack chains mounted by the group have used spear-phishing lures to set off a sequence of events that eventually leads to the deployment of post-exploitation tools like Cobalt Strike and Metasploit, along with off-the-shelf remote access trojans that provide various capabilities for stealing sensitive data.

OPERA1ER has also been observed maintaining access to compromised networks for a period ranging anywhere from three to twelve months, occasionally targeting the same company several times.

“Most of the messages were written in French, and mimicked fake tax office notifications or hiring offers,” Group-IB said. “OPERA1ER was able to get access to internal payment systems used by the affected organizations, and leveraged this to withdraw funds.”
