Spanish authorities have introduced the arrest of a 25-year-old Brazilian nationwide accused of being the mastermind behind the ‘GXC Group’ crime-as-a-service (CaaS) operation distributing phishing kits and Android malware.
The person, often known as GoogleXcoder, allegedly offered full phishing companies to cybercriminals who bought phishing kits focusing on varied banks and authorities entities.
The kits, the authorities say, have been designed to clone the web sites of the focused establishments to deceive their customers into offering their credentials to the attackers.
Miscreants, the Spanish police say, contacted GoogleXCoder through Telegram to rent his companies for lots of of {dollars} a day, to help them in assaults that hit dozens of establishments and hundreds of customers, and prompted tens of millions of {dollars} in losses.
GoogleXCoder, the authorities say, lived the lifetime of a “digital nomad”, periodically relocating between a number of houses in several Spanish provinces, and utilizing cellphone strains and fee playing cards issued within the title of impersonated victims.
The police carried out searches at six places in Valladolid, Zaragoza, Barcelona, Palma de Mallorca, San Fernando, and La Línea de la Concepción. They arrested GoogleXCoder in San Vicente de la Barquera Cantabria, and recognized six different people allegedly related to the CaaS operation.
The investigators seized digital gadgets containing supply code and monetary data. They’ve deactivated GoogleXCoder’s Telegram channels and are inspecting digital proof to establish different suspects.
In accordance with cybersecurity agency Group-IB, which helped with the investigation, Android malware was additionally being bought by means of the GXC Group CaaS.Commercial. Scroll to proceed studying.
Along with banks, the cybercriminals focused ecommerce and transportation organizations in Brazil, Slovakia, Spain, the US, and the UK.
“Over the previous yr, investigators have tracked a wave of phishing campaigns which have resulted in tens of millions of euros in monetary losses. The arrest of GoogleXcoder neutralizes a key enabler of this prison ecosystem and considerably disrupts the provision of instruments utilized in widespread banking fraud schemes,” Group-IB says.
The CaaS operation, the cybersecurity agency notes, emerged in 2023, providing superior phishing kits, an SMS-stealing Android trojan, and instruments for AI-supported voice scams, in addition to help companies for cybercriminals utilizing GXC instruments.
“One of many group’s Telegram channels was openly named ‘Steal all the things from grandmas’, reflecting the group’s ruthlessness,” Group-IB explains, noting that the authorities have recovered stolen funds from varied digital platforms.
Associated: Dutch Teenagers Arrested for Allegedly Serving to Russian Hackers
Associated: Interpol Says 260 Suspects in On-line Romance Scams Have Been Arrested in Africa
Associated: Scattered Spider Suspect Arrested in US
Associated: Two Scattered Spider Suspects Arrested in UK; One Charged in US
