A year-long international investigation has resulted in the
arrest of the suspected head of the SilverTerrier cybercrime group
by the Nigeria Police Force.
“The suspect is alleged to have run a transnational cybercrime
syndicate that launched mass phishing campaigns and business email
compromise schemes targeting companies and individual victims,”
Interpol said[1]
in a statement.
Operation Delilah, as the coordinated international effort is
called, involved tracking the 37-year-old Nigerian man’s physical
movements, before he was apprehended at Murtala Muhammed
International Airport in Lagos in March 2022.
Singapore-headquartered cybersecurity company Group-IB said[2]
it provided threat intelligence that led to the arrest as part of
the police operation that commenced in May 2021.
According to Palo Alto Networks’ Unit
42[3], which also assisted in
the probe into SilverTerrier activity, the unnamed suspect is said
to have been active since 2015 and involved in the creation of over
240 domains, of which 50 were used to provide command-and-control
for malware such as LokiBot.
Unit 42 also noted that the criminal actor evaded arrest during
a prior sting by fleeing Nigeria in June 2021 only to be caught
when trying to get back home earlier this March. Furthermore, he
attempted to sell his Autobiography Special Edition Range Rover for
5.8 million Naira (about $14,000) on Facebook before leaving the
country.
The development is the third in a series of law enforcement
actions aimed at the identification and arrest of the suspected
members of the SilverTerrier gang (aka TMT).
In November 2020, three alleged members of the group were
arrested[4]
for compromising at least 500,000 government and private sector
companies in more than 150 countries since 2017. This was followed
by the arrests of 11 more members[5] earlier this year as
part of an operation dubbed Falcon.
References
Read more https://thehackernews.com/2022/05/interpol-arrest-leader-of-silverterrier.html