A global regulation enforcement operation has dismantled a large-scale cybercrime-as-a-service community accountable for fueling 1000’s of on-line fraud circumstances throughout Europe.
The operation, often called SIMCARTEL, befell on 10 October 2025 in Latvia and resulted in 5 arrests, the seizure of key infrastructure, and the disruption of a classy on-line legal market.
Throughout coordinated raids, authorities executed 26 searches throughout a number of websites, arresting 5 Latvian nationals suspected of working the unlawful platform.
Investigators seized 5 servers, 1,200 SIM-box gadgets, and greater than 40,000 energetic SIM playing cards used to energy the fraudulent service. Two linked web sites gogetsms[.]com and apisim[.]com had been taken over by regulation enforcement and changed with “splash pages” saying their seizure.
The seized operation had enabled greater than 49 million faux on-line accounts and was tied to over 3,200 recognized cyber fraud circumstances throughout Austria and Latvia alone.
Monetary losses from these crimes exceeded EUR 4.5 million in Austria and an extra EUR 420,000 in Latvia. Authorities additionally froze EUR 431,000 in financial institution property, USD 333,000 in cryptocurrency, and confiscated 4 luxurious autos belonging to suspects.
Cybercrime-as-a-Service Platform Dismantled
The dismantled service offered entry to telephone numbers registered in additional than 80 international locations, permitting purchasers to masks their identities whereas committing crimes starting from phishing and smishing to large-scale fraud, extortion, and youngster exploitation.
The platform allowed criminals to create faux social media, banking, and e-commerce accounts that appeared legit however had been used to defraud unsuspecting victims.
The community’s choices supported a number of widespread scams, together with fraudulent second-hand market listings, “daughter–son” WhatsApp scams, funding fraud schemes, faux financial institution web sites, and impersonations of cops focusing on Russian-speaking victims. Every of those crimes relied on the anonymity offered by the rented SIM-based numbers.
The operation was coordinated by Europol and Eurojust, working in shut collaboration with regulation enforcement companies from Austria, Latvia, Estonia, and Finland.
Technical assist from the Shadowserver Basis helped dismantle the community’s infrastructure and safe digital proof. Europol analysts performed OSINT mapping of the platform’s on-line footprint and facilitated worldwide knowledge alternate to trace monetary and digital property.
The joint motion marks a serious success in Europe’s combat in opposition to crime-as-a-service networks, putting on the infrastructure that enabled cybercriminals to cover behind false identities and goal victims worldwide.
Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.
