Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


12:30 PM
Connect Directly

Authorities Strike Against Dozens Of Cyber Crooks

Last week was a banner week for the arrest and indictment of criminals accused of data theft, massive fraud, and DDoS attacks against private and public sector targets.

Last week was a busy one for cyber law enforcement as UK authorities arrested dozens of accused cyber criminals and US judicial officials unsealed an indictment of three foreign nationals for what they're calling the largest data breach in history.

According to officials with the UK's National Crime Agency (NCA), the agency's National Cyber Crime Unit (NCCU) coordinated with numerous regional and local forces in England, Scotland and Wales to arrest 57 people in 25 operations throughout the week. Some of the crimes alleged include network intrusion and data theft from multinational companies and government agencies, DDoS attacks, development of malicious software, and cyber-enabled fraud.

“Criminals need to realize that committing crime online will not make them anonymous to law enforcement," said Andy Archibald, deputy director of the NCA NCCU. "We are continuously working to track down and apprehend those seeking to utilize computers for criminal ends, and to disrupt the technical networks and infrastructures supporting international cyber crime."

Among the arrested individuals is a 23-year-old man who authorities say may have been involved in an intrusion in June 2014 of US Department of Defense (DOD) networks that resulted in the theft of information from the DOD's Enhanced Mobile Satellite Services global communication system, which is used for communication with international DoD employees.

Additionally, a 21-year-old man was arrested for NCCU's belief in playing a part in an attack by "D33Ds Company" against Yahoo! in 2012 to steal and publish 400,000 email addresses and passwords from the web giant. Another arrest involved an 18-year-old man who authorities suspect was responsible for the development and administration of the Titanium and Avenger tools, used to commit a number of DDoS attacks on public sector websites.

“Cyber-crime is not victimless. A high-end cyber-attack against financial institutions could have a far-reaching impact on our economy," said Peter Goodman, deputy chief constable for the National Policing Lead for Cybercrime, who reports that the actions last week were evidence of the UK's work to transform response to cybercrime. "Small and medium-sized businesses can be bankrupted by a cyber-attack with owners and staff losing their jobs. You could be seriously affected by the publication of your personal information."

Meanwhile, in the US, the Department of Justice (DOJ) unsealed court documents for an indictment of three men involved in a hacking scheme against email service providers across the US that led to the theft of over a billion email addresses to be spammed in order to pump up results of an affiliate marketing business.

“These men — operating from Vietnam, the Netherlands, and Canada — are accused of carrying out the largest data breach of names and email addresses in the history of the Internet,” said Assistant Attorney General Leslie Caldwell. “The defendants allegedly made millions of dollars by stealing over a billion email addresses from email service providers. This case again demonstrates the resolve of the Department of Justice to bring accused cyber hackers from overseas to face justice in the United States.” 

The indictments allege that between February 2009 and June 2012, Viet Quoc Nguyen hacked into eight service providers to steal the email addresses. Authorities say he then worked with Giang Hoang Vu to send spam to tens of millions of recipients. From there, Vu and Nguyen allegedly brokered a deal with David-Manuel Santos Da Silva, owner of affiliate marketing firm 21 Celcius Inc., to spam links to websites that paid 21 Celcius commissions for promoting them. The DOJ says it believes that between May 2009 and October 2011, Ngyuen and Da Silva made $2 million from the efforts.

A Vietnamese citizen, Vu was arrested in the Netherlands in 2012 and extradited to the US in 2012. Also a Vietnamese citizen, Nguyen is still on the run. Meanwhile, Da Silva, a Canadian citizen, was arrested at the Ft. Lauderdale, Fla. airport last month and indicted last week by the DOJ. 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
3/10/2015 | 10:02:09 AM
Nice post
Nice article thank u
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
How to Think Like a Hacker
Dr. Giovanni Vigna, Chief Technology Officer at Lastline,  10/10/2019
7 SMB Security Tips That Will Keep Your Company Safe
Steve Zurier, Contributing Writer,  10/11/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: The old using of sock puppets for Shoulder Surfing technique. 
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-10-17
WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject JavaScript into STYLE elements.
PUBLISHED: 2019-10-17
WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header.
PUBLISHED: 2019-10-17
WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer.
PUBLISHED: 2019-10-17
WordPress before 5.2.4 does not properly consider type confusion during validation of the referer in the admin pages, possibly leading to CSRF.
PUBLISHED: 2019-10-17
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI.