
Group-IB assists in police operations across SEA targeting cybercriminals in Android RAT campaign

by Azunta Gaviola - 4 weeks ago


Singapore – Group-IB, a computer and network security firm, has announced that it collaborated with the Singapore Police Force, the Hong Kong Police Force (HKPF), and the Royal Malaysia Police in a joint operation called Operation DISTANTHILL.

The operation led to the arrest of cybercriminals responsible for an Android Remote Access Trojan (RAT) campaign. The campaign, which targeted victims across Southeast Asia, including Singapore, recorded 1,899 cases in 2023 and total losses exceeding US$25m.

Group-IB’s involvement encompassed investigation, data analysis, and the application of its graph network analysis technology. These efforts aided in pinpointing the syndicate’s network and infrastructure.

During the investigation, the company’s high-tech crimes investigation unit found that the RAT targeted and exploited Android users via phishing campaigns. Victims were lured into downloading and installing fake apps that appeared to offer special prices for goods and food items.

Upon installation and permission granting, the RAT facilitated the capture of sensitive data, including personal credentials and SMS-based one-time passwords (OTP) sent by financial institutions. The malware further enabled real-time geolocation tracking and persisted even after the device rebooted.

Group-IB also played a crucial role in analysing the malware-as-a-service campaign and tracing over 250 phishing web pages used to distribute the fraudulent apps. With its Graph Network Analysis technology, Group-IB also correlated C2 servers from over 100 malware samples, giving investigators insight into the syndicate’s network infrastructure and operations.

Dmitry Volkov, chief executive officer at Group-IB, said, “We are delighted to contribute to Operation DISTANTHILL and the dismantling of the malicious Android Trojan campaign. This successful operation is a testament to the power of collaboration between law enforcement agencies and the private sector in the fight against digital threats.”

“Through our worldwide network of Digital Crime Resistance Centres (DCRCs), including in Singapore, we are able to offer tailored solutions to address cybersecurity threats that are unique to our local clients, businesses, and their customers,” added Dmitry.

“We encourage others to join us in fighting cybercrime, and by pooling our resources, expertise, and technology, we can strengthen global cybersecurity. This partnership underscores our shared mission to relentlessly pursue cybercriminals and protect individuals and businesses from evolving threats, reinforcing the vital importance of public-private collaboration in securing our digital future,” he further explained.

Cheng, chief inspector at HKPF, stated, “Group-IB’s dedication to cybersecurity, as a member of the Cyber Security Action Task Force (CSATF) established by the Hong Kong Police Force (HKPF), reflects the collective effort of both the public and private sectors in safeguarding our digital landscape. Group-IB’s invaluable contributions exemplify the spirit of cooperation essential in this endeavour.”
