Endpoint Security , Finance & Banking , Industry Specific

Hong Kong Police Disrupt International Phishing Syndicate

Criminal Group Impersonated Well-Known Brands to Plant Banking Trojans
Hong Kong Police Disrupt International Phishing Syndicate
Hong Kong as seen at night from Victoria Peak (Image: Hwan Hyeok Kim/CC BY 2.0)

Hong Kong police disrupted a global phishing syndicate operating hundreds of servers across the globe along with a slew of fake mobile applications aimed at stealing personal and banking information.

See Also: Bank on Seeing More Targeted Attacks on Financial Services

The law enforcement operation, dubbed Magicflame and supported by Interpol, lasted 11 months, reported the South China Morning Post.

Attackers sent victims phishing SMS messages that appeared to originate from a legitimate source, directing them to download an app. The app in fact was a banking Trojan that stole personal information such as bank account and credit card details, phone contacts and photographs. Servers located in Hong Kong received stolen data before forwarding it on to other infrastructure controlled by the phishing gang.

"We believe it was an overseas-based syndicate that made use of the city's internet network to carry out illegal activities. We believe the syndicate ceased its illegal operations after the joint operation with Interpol," Hong Kong police Senior Superintendent Raymond Lam Cheuk-ho told the newspaper.

Police officials told the newspaper that hackers behind the campaign masqueraded as well-known brands. Its operators resided in China, the Philippines and Cambodia and frequently switched servers to avoid detection. Seized servers showed personal data stolen from 519 phones whose owners reside mostly in Japan and South Korea.

Cybercriminals routinely spoof well-known financial institutions to target users with banking Trojans and steal their financial information. The Hong Kong Monetary Authority on Tuesday warned about criminals running a fake website that masqueraded as DBS Bank Hong Kong's website. The authority issued a similar warning on Jan. 16 about criminals using the HSBC brand name in fraudulent websites and phishing emails.

About the Author

Jayant Chakravarti

Jayant Chakravarti

Senior Editor, APAC

Chakravarti covers cybersecurity developments in the Asia-Pacific region. He has been writing about technology since 2014, including for Ziff Davis.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.