Found 61 bookmarks
Newest
Netherlands: Two teenagers arrested in spying case linked to Russia
Netherlands: Two teenagers arrested in spying case linked to Russia
bbc.com/ Jacqueline Howard The pair were allegedly recruited by pro-Russian hackers and used a "wi-fi sniffer" on the Europol headquarters. Two 17-year-old boys have been arrested on suspicion of "state interference" in the Netherlands, prosecutors say, in a case with reported links to Russian spying. The pair were allegedly contacted by pro-Russian hackers on the messaging app Telegram, Dutch media reported. One of the boys allegedly walked past the offices of Europol, Eurojust and the Canadian embassy in The Hague carrying a "wi-fi sniffer" - a device designed to identify and intercept wi-fi networks. The teenagers appeared before a judge on Thursday, who ordered one boy be remanded in custody and the other placed on strict home bail conditions until a hearing, which is due to take place in the next two weeks. The National Office of the Netherlands Public Prosecution Service confirmed court appearance, but told the BBC it could not provide details on the case due to the suspects' age and in "the interest of the investigation", which is ongoing. One of the boy's father told Dutch newspaper De Telegraaf that police had arrested his son on Monday afternoon while he was doing his homework. He said police told him that the arrest related to espionage and rendering services to a foreign country, the paper reports. The teenager was described as being computer savvy and having a fascination for hacking, while holding a part-time job at a supermarket. The Netherlands' domestic intelligence and security agency declined to comment on the case when approached by the BBC.
#bbc.com#EN#2025#wifi-sniffer#Europol#spying#Russia#teenagers
·bbc.com·
Netherlands: Two teenagers arrested in spying case linked to Russia
Le cerveau du géant cybercriminel XXS.is arrêté à Kiev, après quatre ans d'enquête française
Le cerveau du géant cybercriminel XXS.is arrêté à Kiev, après quatre ans d'enquête française
clubic.com - L'administrateur russophone d'un des plus influents forums cybercriminels mondiaux, XSS.is, vient d'être arrêté. L'opération est le fruit d'une enquête franco-ukrainienne de longue haleine. Les autorités ukrainiennes ont interpellé à Kiev, mardi 22 juillet, le cerveau présumé de XSS.is, une plateforme défavorablement réputée, puisque lieu incontournable de la cybercriminalité russophone. L'arrestation couronne une investigation française lancée il y a quatre ans maintenant, et qui révèle aujourd'hui l'ampleur considérable des gains amassés par l'administrateur du forum, estimés à sept millions d'euros. XSS.is cachait 50 000 cybercriminels derrière ses serveurs chiffrés Actif depuis 2013 tout de même, XSS.is, autrefois connu sous le nom de DaMaGeLab, constituait l'un des principaux carrefours de la cybercriminalité mondiale. La plateforme russophone rassemblait plus de 50 000 utilisateurs enregistrés, autrement dit un vrai supermarché du piratage informatique, même si beaucoup moins fréquenté que feu BreachForums, tombé en avril. Sur XSS.is, les malwares, les données personnelles et des accès à des systèmes compromis se négociaient dans l'ombre du dark web. Le forum proposait aussi des services liés aux ransomwares, ces programmes malveillants qui bloquent les données d'un ordinateur jusqu'au paiement d'une rançon. Un serveur de messagerie chiffrée, « thesecure.biz », complétait l'arsenal en facilitant les échanges anonymes entre cybercriminels. L'infrastructure offrait ainsi un environnement sécurisé pour leurs activités illégales. L'administrateur ne se contentait pas d'un rôle technique passif. Tel un chef d'orchestre du crime numérique, il arbitrait les disputes entre hackers et garantissait la sécurité des transactions frauduleuses. Un homme aux multiples casquettes, en somme. Toujours est-il que cette position centrale lui permettait de prélever des commissions substantielles sur chaque échange. Une coopération internationale exemplaire, portée par la France L'enquête préliminaire française, ouverte le 2 juillet 2021 par la section cybercriminalité du parquet de Paris, a mobilisé la Brigade de lutte contre la cybercriminalité. Les investigations ont révélé des bénéfices criminels d'au moins 7 millions d'euros, dévoilés grâce aux captations judiciaires effectuées sur les serveurs de messagerie. Outre la France et les autorités ukrainiennes, Europol a joué un rôle déterminant dans cette opération d'envergure internationale. L'agence européenne a facilité la coordination complexe entre les autorités françaises et ukrainiennes, déployant même un bureau mobile à Kiev pour faciliter l'arrestation. Voilà en tout cas une arrestation de plus contre les réseaux cybercriminels. Souvenez-vous, il y a quelques jours, les mêmes agences avaient déjà démantelé le groupe de hackers prorusses NoName057(16). Des succès successifs qui témoignent d'une intensification bienvenue dans la lutte contre les menaces et les hackers, alors que les cyberattaques se multiplient contre les infrastructures critiques européennes.
#clubic.com#FR#2025#forum#France#europol#XSS.is#busted
·clubic.com·
Le cerveau du géant cybercriminel XXS.is arrêté à Kiev, après quatre ans d'enquête française
Europol and Microsoft disrupt world’s largest infostealer Lumma
Europol and Microsoft disrupt world’s largest infostealer Lumma
This joint operation targeted the sophisticated ecosystem that allowed Europol’s European Cybercrime Centre has worked with Microsoft to disrupt Lumma Stealer (“Lumma”), the world’s most significant infostealer threat. This joint operation targeted the sophisticated ecosystem that allowed criminals to exploit stolen information on a massive scale. Europol coordinated with law enforcement in Europe to ensure action was taken, leveraging intelligence provided by Microsoft. Between 16 March and 16 May 2025, Microsoft identified over 394 000 Windows computers globally infected by the Lumma malware. In a coordinated follow-up operation this week, Microsoft’s Digital Crimes Unit (DCU), Europol, and international partners have disrupted Lumma’s technical infrastructure, cutting off communications between the malicious tool and victims. In addition, over 1 300 domains seized by or transferred to Microsoft, including 300 domains actioned by law enforcement with the support of Europol, will be redirected to Microsoft sinkholes. The Head of Europol’s European Cybercrime Centre, Edvardas Šileris, said: “This operation is a clear example of how public-private partnerships are transforming the fight against cybercrime. By combining Europol’s coordination capabilities with Microsoft’s technical insights, a vast criminal infrastructure has been disrupted. Cybercriminals thrive on fragmentation – but together, we are stronger.”
#europol#EEN#2025#LummaStealer#operation#disrupt#infostealer
·europol.europa.eu·
Europol and Microsoft disrupt world’s largest infostealer Lumma
DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains | Europol
DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains | Europol
In the latest blow to the criminal market for distributed denial of service (DDoS)-for-hire services, Polish authorities have arrested four individuals who allegedly ran a network of platforms used to launch thousands of cyberattacks worldwide. The suspects are believed to be behind six separate stresser/booter services that enabled paying customers to flood websites and servers with malicious traffic — knocking them offline for as little as EUR 10. The now defunct platforms – Cfxapi, Cfxsecurity, neostress, jetstress, quickdown and zapcut – are thought to have facilitated widespread attacks on schools, government services, businesses, and gaming platforms between 2022 and 2025. The platforms offered slick interfaces that required no technical skills. Users simply entered a target IP address, selected the type and duration of attack, and paid the fee — automating attacks that could overwhelm even well-defended websites. Global law enforcement response The arrests in Poland were part of a coordinated international action involving law enforcement authorities in 4 countries, with Europol providing analytical and operational support throughout the investigation. Dutch authorities have deployed fake booter sites designed to warn users seeking out DDoS-for-hire services, reinforcing the message that those who use these tools are being watched and could face prosecution. Data from booter websites, seized by Dutch law enforcement in data centres in the Netherlands, was shared with international partners, including Poland, contributing to the arrest of the four administrators. The United States seized 9 domains associated with booter services during the coordinated week of action, continuing its broader campaign against commercialised DDoS platforms. Germany supported the Polish-led investigation by helping identify one of the suspects and sharing critical intelligence on others.
#europol#EN#2025#DDoS-for-hire#arrested#busted#law#enforcement#response#PowerOFF
·europol.europa.eu·
DDoS-for-hire empire brought down: Poland arrests 4 administrators, US seizes 9 domains | Europol
Police takes down six DDoS-for-hire services, arrests admins
Police takes down six DDoS-for-hire services, arrests admins
​Polish authorities have detained four suspects linked to six DDoS-for-hire platforms, believed to have facilitated thousands of attacks targeting schools, government services, businesses, and gaming platforms worldwide since 2022. Such platforms are often marketed as legitimate testing tools on the dark web and hacking forums, but are mainly used to disrupt online services, servers, and websites by flooding them with traffic in distributed denial-of-service (DDoS) attacks and causing outages for real users. The six DDoS services, named Cfxapi, Cfxsecurity, neostress, jetstress, quickdown, and zapcut, have been taken down in a coordinated law enforcement action involving authorities from Germany, the Netherlands, Poland, and the United States. "In the latest blow to the criminal market for distributed denial of service (DDoS)-for-hire services, Polish authorities have arrested four individuals who allegedly ran a network of platforms used to launch thousands of cyberattacks worldwide," Europol said on Wednesday. "The suspects are believed to be behind six separate stresser/booter services that enabled paying customers to flood websites and servers with malicious traffic — knocking them offline for as little as EUR 10."
#bleepingcomputer#EN#2025#Booter#DDoS#Distributed-Denial-of-Service#Europol#Operation-PowerOFF#Poland#Stresser
·bleepingcomputer.com·
Police takes down six DDoS-for-hire services, arrests admins
Eight countries launch Operational Taskforce to tackle violence-as-a-service
Eight countries launch Operational Taskforce to tackle violence-as-a-service
Europol has launched a new Operational Taskforce (OTF) to tackle the rising trend of violence-as-a-service and the recruitment of young perpetrators into serious and organised crime. Known as OTF GRIMM, the Taskforce, led by Sweden, brings together law enforcement authorities from Belgium, Denmark, Finland, France, Germany, the Netherlands, and Norway, with Europol providing operational support, threat analysis and coordination. The exploitation of young perpetrators to carry out criminal acts has emerged as a fast-evolving tactic used by organised crime. This trend was underlined in the European Union Serious and Organised Crime Threat Assessment 2025 (EU-SOCTA), which identified the deliberate use of youngsters as a way to avoid detection and prosecution. Violence-as-a-service refers to the outsourcing of violent acts to criminal service providers — often involving the use of young perpetrators to carry out threats, assaults, or killings for a fee. Investigations show that these acts are often orchestrated remotely, with young people recruited and instructed online. There is a clear demand from the criminal underworld for youngsters willing to carry out violent tasks — and a supply of vulnerable young people being groomed or coerced into doing so.
#europol#EN#2025#EU#EU-SOCTA#violence-as-a-service#Operational#Taskforce
·europol.europa.eu·
Eight countries launch Operational Taskforce to tackle violence-as-a-service
International investigation disrupts phishing-as-a-service platform LabHost
International investigation disrupts phishing-as-a-service platform LabHost
Between Sunday 14 April and Wednesday 17 April a total of 70 addresses were searched across the world, resulting in the arrest of 37 suspects. This includes the arrest of 4 individuals in the United Kingdom linked to the running of the site, including the original developer of the service.The LabHost platform, previously available on the open web, has been...
#Europol#EN#2025#phishing-as-a-service#platform#LabHost#busted#disrupted
·europol.europa.eu·
International investigation disrupts phishing-as-a-service platform LabHost
Global crackdown on Kidflix, a major child sexual exploitation platform with almost two million users | Europol
Global crackdown on Kidflix, a major child sexual exploitation platform with almost two million users | Europol
Kidflix, one of the largest paedophile platforms in the world, has been shut down in an international operation against child sexual exploitation. The investigation was supported by Europol and led by the State Criminal Police of Bavaria (Bayerisches Landeskriminalamt) and the Bavarian Central Office for the Prosecution of Cybercrime (ZCB). Over 35 countries worldwide participated in the operation. almost 1 400 suspects worldwide. So far, 79 of these individuals have been arrested...
#europol#EN#2025#Kidflix#sexual#exploitation#platform#paedophile#Bavaria#busted
·europol.europa.eu·
Global crackdown on Kidflix, a major child sexual exploitation platform with almost two million users | Europol
Key figures behind Phobos and 8Base ransomware arrested in international cybercrime crackdown
Key figures behind Phobos and 8Base ransomware arrested in international cybercrime crackdown
This follows a series of high-impact arrests targeting Phobos ransomware:An administrator of Phobos was arrested in South Korea in June 2024 and extradited to the United States in November of the same year. He is now facing prosecution for orchestrating ransomware attacks that encrypted critical infrastructure, business systems, and personal data for ransom.A key Phobos affiliate was arrested in Italy...
#europol#EN#2025#busted#phobos#8base#ransomware#arrested#fedpol#crackdown#Switzerland
·europol.europa.eu·
Key figures behind Phobos and 8Base ransomware arrested in international cybercrime crackdown
Hacker forums Cracked, Nulled and others, seized under FBI's 'Operation Talent'
Hacker forums Cracked, Nulled and others, seized under FBI's 'Operation Talent'
Hacker forums Cracked[.]io, Nulled[.]to, MySellIX[.]io, and StarkRDP[.]io on Wednesday are seized by the FBI, Europol, and international law enforcement as part of ‘Operation Talent.’ A large ‘‘Operation Talent’ seizure poster was splashed across most of the shady websites by Wednesday afternoon.
#cybernews#EN#2025#Cracked#Nulled#MySellIX#forum#seized#Operation-Talent#FBI#Europol
·cybernews.com·
Hacker forums Cracked, Nulled and others, seized under FBI's 'Operation Talent'
Fraudulent shopping sites tied to cybercrime marketplace taken offline
Fraudulent shopping sites tied to cybercrime marketplace taken offline
The investigation began in the autumn of 2022, following reports of fraudulent phone calls in which scammers impersonated bank employees to extract sensitive information, such as addresses and security answers, from victims. The stolen data was traced back to a specialised online marketplace that operated as a central hub for the trade of illegally obtained information.A central hub for cyber...
#europol#EN#2024#Fraudulent#shopping#marketplace#MansonMarket
·europol.europa.eu·
Fraudulent shopping sites tied to cybercrime marketplace taken offline
LockBit power cut: four new arrests and financial sanctions against affiliates | Europol
LockBit power cut: four new arrests and financial sanctions against affiliates | Europol
These are some of the results of the third phase of Operation Cronos, a long-running collective effort of law enforcement authorities from 12 countries, Europol and Eurojust, who joined forces to effectively disrupt at all levels the criminal operations of the LockBit ransomware group. These actions follow the massive disruption of LockBit infrastructure in February 2024, as well as the large series of sanctions and operational actions that took place against LockBit administrators in May and subsequent months. Between 2021 and 2023, LockBit was the most widely employed ransomware variant globally with a notable number of victims claimed on its data leak site. Lockbit operated on the ransom as a service model. The core group sold access to affiliates and received portions of the collected ransom payments. Entities deploying LockBit ransomware attacks had targeted organisations of various sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing and transportation. Reflecting the considerable number of independent affiliates involved, LockBit ransomware attacks display significant variation in observed tactics, techniques and procedures. #2024 #EN #Eurojust #LockBit #busted #disrupt #europol
#EN#europol#Eurojust#LockBit#2024#busted#disrupt
·europol.europa.eu·
LockBit power cut: four new arrests and financial sanctions against affiliates | Europol
Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol
Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol
Investigators reported 483 000 victims worldwide, who had attempted to regain access to their phones and been phished in the process. The victims are mainly Spanish-speaking nationals from European, North American and South American countries.The successful operation took place thanks to international cooperation between law enforcement and judiciary authorities from Spain, Argentina, Chile, Colombia, Ecuador and Peru.The action week took...
#europol#EN#2024#phishing#busted#operacion-kaerb#seized#spain
·europol.europa.eu·
Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America | Europol
Europol coordinates global action against criminal abuse of Cobalt Strike
Europol coordinates global action against criminal abuse of Cobalt Strike
Abuse by cybercriminals Cobalt Strike is a popular commercial tool provided by the cybersecurity software company Fortra. It is designed to help legitimate IT security experts perform attack simulations that identify weaknesses in security operations and incident responses. In the wrong hands, however, unlicensed copies of Cobalt Strike can provide a malicious actor with a wide range of attack capabilities.Fortra...
#europol#EN#2024#crackdown#CobaltStrike#cybercriminals
·europol.europa.eu·
Europol coordinates global action against criminal abuse of Cobalt Strike
Europol coordinates global action against criminal abuse of Cobalt Strike | Europol
Europol coordinates global action against criminal abuse of Cobalt Strike | Europol
Abuse by cybercriminals Cobalt Strike is a popular commercial tool provided by the cybersecurity software company Fortra. It is designed to help legitimate IT security experts perform attack simulations that identify weaknesses in security operations and incident responses. In the wrong hands, however, unlicensed copies of Cobalt Strike can provide a malicious actor with a wide range of attack capabilities.Fortra...
#europol#EN#2024#CobaltStrike#action
·europol.europa.eu·
Europol coordinates global action against criminal abuse of Cobalt Strike | Europol
Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda | Europol
Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda | Europol
The servers supported multiple media outlets linked to Islamic State. They were used to disseminate worldwide propaganda and messages capable of inciting terrorism in at least thirty languages. Eurojust and Europol coordinated and supported the joint operations.This week’s joint operations are part of ongoing efforts and constant vigilance to tackle online terrorist propaganda and communications, including through social media. They...
#europol#EN#2024#outlets#terrorist#takedown#Islamic-State
·europol.europa.eu·
Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda | Europol
Largest ever operation against botnets hits dropper malware ecosystem | Europol
Largest ever operation against botnets hits dropper malware ecosystem | Europol
Between 27 and 29 May 2024 Operation Endgame, coordinated from Europol’s headquarters, targeted droppers including, IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot. The actions focused on disrupting criminal services through arresting High Value Targets, taking down the criminal infrastructures and freezing illegal proceeds. This approach had a global impact on the dropper ecosystem. The malware, whose infrastructure was taken down...
#Europol#EN#2024#Operation-Endgame#IcedID#SystemBC#Pikabot#Smokeloader#Bumblebee#Trickbot#dropper#botnets
·europol.europa.eu·
Largest ever operation against botnets hits dropper malware ecosystem | Europol
Europol confirms web portal breach, says no operational data stolen
Europol confirms web portal breach, says no operational data stolen
Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data. #Breach #Computer #Data #EPE #Europol #InfoSec #Leak #Security #Theft
#bleepingcomputer#EN#2024#Europol#Security#EPE#Theft#Leak#InfoSec#Data#Breach#Computer
·bleepingcomputer.com·
Europol confirms web portal breach, says no operational data stolen
Operation PANDORA shuts down 12 phone fraud call centres
Operation PANDORA shuts down 12 phone fraud call centres
Operation PANDORA started with a bank teller in Freiburg, Germany. When in December 2023 a customer asked to withdraw over EUR 100 000 in cash, the bank teller grew suspicious and quickly learned the customer had fallen victim to a ‘fake police officer scam’. He informed the real police, which prevented the victim from handing the money over to the...
#Europol#EN#2024#Op-Pandora#PANDORA#phone-scam#fraud#scam#arrested
·europol.europa.eu·
Operation PANDORA shuts down 12 phone fraud call centres
Police arrests LockBit ransomware members, release decryptor in global crackdown
Police arrests LockBit ransomware members, release decryptor in global crackdown
Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation.
#bleepingcomputer#EN#2024#Europol#LockBit#NCA#Police#Ransomware
·bleepingcomputer.com·
Police arrests LockBit ransomware members, release decryptor in global crackdown
Law enforcement disrupt world’s biggest ransomware operation
Law enforcement disrupt world’s biggest ransomware operation
LockBit is widely recognised as the world’s most prolific and harmful ransomware, causing billions of euros worth of damage.This international sweep follows a complex investigation led by the UK National Crime Agency in the framework of an international taskforce known as ‘Operation Cronos’, coordinated at European level by Europol and Eurojust.The months-long operation has resulted in the compromise of LockBit’s...
#Europol#EN#2024#LockBit#Operation-Cronos#disrupted#ransomware
·europol.europa.eu·
Law enforcement disrupt world’s biggest ransomware operation
Cryptojacker arrested in Ukraine over EUR 1.8 million mining scheme
Cryptojacker arrested in Ukraine over EUR 1.8 million mining scheme
The 29-year-old individual was apprehended in Mykolaiv, Ukraine, on 9 January. Three properties were searched to gather evidence against the main suspect. The arrest comes after months of intensive collaboration between Ukrainian authorities, Europol and a cloud provider, who worked tirelessly to identify and locate the individual behind the widespread cryptojacking operation.The suspect is believed to have mined over USD...
#europol#EN#2024#apprehended#Ukraine#Cryptojacker#arrested
·europol.europa.eu·
Cryptojacker arrested in Ukraine over EUR 1.8 million mining scheme
Early Warning Notification - the use of Bluetooth trackers for geolocation in organised crime | Europol
Early Warning Notification - the use of Bluetooth trackers for geolocation in organised crime | Europol
Bluetooth Trackers Exploited for Geolocation in Organised CrimeBluetooth trackers, commonly used for locating personal items and vehicles, have become an unexpected tool in organised crime, according to recent findings reported by Europol in an Early Warning Notification. Typically designed for purposes such as finding lost keys or preventing vehicle theft, Bluetooth trackers are now being leveraged by criminals for geo-locating...
#europol#EN#2023#warning#bluetoot#tracker#Geolocation#tag#AirTags
·europol.europa.eu·
Early Warning Notification - the use of Bluetooth trackers for geolocation in organised crime | Europol