Group-IB assists in police operations across SEA targeting cybercriminals in Android RAT campaign

by Azunta Gaviola - 10 months ago


Singapore – Group-IB, a computer and network security firm, has recently announced that it has collaborated with the Singapore Police Force, the Hong Kong Police Force (HKPF), and the Royal Malaysia Police in a joint operation called Operation DISTANTHILL.

This strategic operation led to the arrest of cybercriminals responsible for an Android Remote Access Trojan (RAT) campaign. The campaign, which targeted victims across Southeast Asia, including in Singapore, recorded 1,899 cases in 2023 and total losses exceeding US$25m.

In this case, Group-IB’s involvement encompassed thorough investigation, meticulous data analysis, and the application of advanced graph network analysis technology. These efforts significantly aided in pinpointing the syndicate’s network and infrastructure.

During the investigation, the company’s high-tech crimes investigation unit uncovered that the RAT targeted Android users via phishing campaigns. Victims were then lured to download and install fake apps that appeared to offer special prices for goods and food items.

Upon installation and permission granting, the RAT facilitated the capture of sensitive data, including personal credentials and SMS-based one-time passwords (OTP) sent by financial institutions. The malware further enabled real-time geolocation tracking and persisted even after the device rebooted.

Group-IB also played a crucial role in the analysis of the malware-as-a-service campaign and the tracing of over 250 phishing web pages used to distribute the fraudulent apps. With its Graph Network Analysis technology, Group-IB also correlated C2 servers from over 100 malware samples, offering comprehensive insights into the syndicate’s network infrastructure and operations.

Dmitry Volkov, chief executive officer at Group-IB, said, “We are delighted to contribute to Operation DISTANTHILL and the dismantling of the malicious Android Trojan campaign. This successful operation is a testament to the power of collaboration between law enforcement agencies and the private sector in the fight against digital threats.”

“Through our worldwide network of Digital Crime Resistance Centres (DCRCs), including in Singapore, we are able to offer tailored solutions to address cybersecurity threats that are unique to our local clients, businesses, and their customers,” added Dmitry.

“We encourage others to join us in fighting cybercrime, and by pooling our resources, expertise, and technology, we can strengthen global cybersecurity. This partnership underscores our shared mission to relentlessly pursue cybercriminals and protect individuals and businesses from evolving threats, reinforcing the vital importance of public-private collaboration in securing our digital future,” he further explained.

Cheng, chief inspector at HKPF, stated, “Group-IB’s dedication to cybersecurity, as a member of the Cyber Security Action Task Force (CSATF) established by the Hong Kong Police Force (HKPF), reflects the collective effort of both the public and private sectors in safeguarding our digital landscape. Group-IB’s invaluable contributions exemplify the spirit of cooperation essential in this endeavour.”
