Hackingblogs :Through the use of a phishing platform, Europol has assisted police in Europe and Latin America in destroying an international criminal network that was involved in unlocking lost or stolen mobile phones.
Between September 10 and September 17, there were 17 arrests, 28 searches, and 921 items mostly mobile phones, but also other electronic equipment, cars, and firearms seized during the action week.
483 000 victims were reported by investigators to have been phished while attempting to regain access to their phones globally. Spanish-speaking citizens of European, North American, and South American nations make up the majority of the victims.
What is Operation Kaerb ?
An international operation coded “Operation Kaerb,” coordinated by Europol and Ameripol in collaboration with European and Latin American law enforcement agencies and judiciary authorities, was contributed by Group-IB, a leading innovator of cybersecurity technologies to investigate, prevent, and combat digital crime.
The outcome of the operation was the arrest of 17 cybercriminals in Argentina, Chile, Colombia, Ecuador, Peru, and Spain, who were responsible for the iServer phishing-as-a-platform that targeted mobile users globally.
Law enforcement investigators indicate that over its five years of operation, the iServer phishing-as-a-service platform targeted over 1.2 million mobile phones and claimed around 483,000 victims globally. The multi-agency law enforcement operation that occurred between September 10 and 17, 2024, also resulted in the arrest of the Argentinean national who was the administrator of the iServer phishing platform.
What was the IServer Platform ?
Spanish-speaking criminals in North and South America were the main users of the iServer platform, which has been operational for at least five years. However, it has since spread to Europe and other regions.
Even while iServer was essentially an automated phishing platform, it different from other phishing-as-a-service providers due to its unique focus on gathering credentials to unlock stolen phones. Low-skilled criminals, referred to as “unlockers,” can obtain victim’s device passwords, user credentials from cloud-based mobile apps, and other personal information by using the web interface of iServer’s platform.
The phishing scam’s methodology
The Argentinean national who has been in charge of the phishing platform since 2018 was the mastermind behind the illegal operation. This person, who was captured during action week, developed a phishing service that enabled thieves, known as “unlockers,” to obtain stolen or lost phones through tricking authorised owners into supplying login information.
The advanced phishing platform included extra features including phishing by phone, email, and SMS for an additional fee. During its operation, the platform registered around 2,000 thieves, who then used it to unlock over 1.2 million stolen mobile phones. The platform was located and shut down by Europol and its allies as part of a bigger campaign against cybercrime related to mobile phones.
