Group-IB assists in police operations across SEA targeting cybercriminals in Android RAT campaign

by Azunta Gaviola - 4 months ago

Singapore – Group-IB, a computer and network security firm, has recently announced that it collaborated with the Singapore Police Force, the Hong Kong Police Force (HKPF), and the Royal Malaysia Police in a joint operation called Operation DISTANTHILL.

This strategic operation led to the arrest of cybercriminals responsible for an Android Remote Access Trojan (RAT) campaign. The campaign, which targeted victims across Southeast Asia, including Singapore, recorded 1,899 cases in 2023 and total losses exceeding US$25m.

In this case, Group-IB’s involvement encompassed thorough investigation, meticulous data analysis, and the application of advanced graph network analysis technology. These efforts significantly aided in pinpointing the syndicate’s network and infrastructure.

During the investigation, the company’s high-tech crimes investigation unit found that the RAT targeted and exploited Android users via phishing campaigns. Victims were lured into downloading and installing fake apps that appeared to offer special prices for goods and food items.

Once installed and granted permissions, the RAT facilitated the capture of sensitive data, including personal credentials and SMS-based one-time passwords (OTPs) sent by financial institutions. The malware further enabled real-time geolocation tracking and persisted even after the device rebooted.

Group-IB also played a crucial role in the analysis of the malware-as-a-service campaign and the tracing of over 250 phishing web pages used to distribute the fraudulent apps. With its Graph Network Analysis technology, Group-IB also correlated C2 servers from over 100 malware samples, offering comprehensive insights into the syndicate’s network infrastructure and operations.

Dmitry Volkov, chief executive officer at Group-IB, said, “We are delighted to contribute to Operation DISTANTHILL and the dismantling of the malicious Android Trojan campaign. This successful operation is a testament to the power of collaboration between law enforcement agencies and the private sector in the fight against digital threats.”

“Through our worldwide network of Digital Crime Resistance Centres (DCRCs), including in Singapore, we are able to offer tailored solutions to address cybersecurity threats that are unique to our local clients, businesses, and their customers,” added Dmitry.

“We encourage others to join us in fighting cybercrime, and by pooling our resources, expertise, and technology, we can strengthen global cybersecurity. This partnership underscores our shared mission to relentlessly pursue cybercriminals and protect individuals and businesses from evolving threats, reinforcing the vital importance of public-private collaboration in securing our digital future,” he further explained.

Cheng, chief inspector at HKPF, stated, “Group-IB’s dedication to cybersecurity, as a member of the Cyber Security Action Task Force (CSATF) established by the Hong Kong Police Force (HKPF), reflects the collective effort of both the public and private sectors in safeguarding our digital landscape. Group-IB’s invaluable contributions exemplify the spirit of cooperation essential in this endeavour.”
