A suspected senior member of the notorious cybercriminal organization known as OPERA1ER has been apprehended in a significant breakthrough against cybercrime. The arrest took place in Côte d’Ivoire, a country in West Africa, and is expected to have a major impact on the group’s criminal activities across Africa, Asia, and Latin America. The international operation, codenamed Nervone, was a collaborative effort between INTERPOL, AFRIPOL, Group-IB, and Côte d’Ivoire’s Direction de l’Information et des Traces Technologiques (DITT).
OPERA1ER, also known as Common Raven, Desktop-Group, and NXSMS, has been operating since at least 2016 and has been responsible for highly-organized cyber attacks using sophisticated techniques. These techniques include spear-phishing campaigns, malware distribution, and large-scale Business Email Compromise (BEC) scams. The group specifically targeted financial institutions, telecoms firms, and mobile banking services, exploiting vulnerabilities to steal funds. Their illicit activities have resulted in estimated losses of at least $11 million, with the potential to exceed $30 million.
The cybercriminal gang first came to the attention of Group-IB in 2018 when they detected spear-phishing operations that spread remote access tools and other malware. Through a collaboration between INTERPOL’s Cybercrime Directorate, Group-IB, and Orange, authorities were able to exchange intelligence and track the group’s activities. This collaboration ultimately led to the identification of a likely location for their operations. Supporting the international efforts, the United States Secret Service’s Criminal Investigative Division and Booz Allen Hamilton DarkLabs cybersecurity researchers provided crucial leads for the investigation.
The arrest of a key suspect in Côte d’Ivoire in early June was a result of the successful coordination of international efforts. The captured individual is believed to be a senior member of the OPERA1ER group and was involved in attacks against financial institutions across Africa. Authorities are confident that this arrest will significantly impact the group’s criminal endeavors, disrupting their network and preventing further financial losses.
Bernardo Pillot, INTERPOL’s Assistant Director of Cybercrime Operations, commended the operation in a press release, stating, “Operation Nervone is a testament to what we can achieve through international collaboration and intelligence sharing. This successful operation marks a significant step in our ongoing mission to dismantle organized cybercrime networks, showcasing the power of collective action in stemming the tide against cybercrime.”
The successful arrest of a senior member of the OPERA1ER cybercrime group highlights the importance of international collaboration and the efforts of law enforcement agencies and cybersecurity experts in safeguarding financial systems and protecting individuals from cyber threats. As the fight against cybercrime continues, authorities remain dedicated to dismantling criminal networks and ensuring the security of global cyberspace.
For more related news on cybercrime arrests, please follow the links below:
– Do Kwon, Founder of Terraform Labs, Arrested in Montenegro
– Owner of Breach Forums Pompompurin Arrested in New York
– Alcasec Hacker, aka “Robin Hood of Spanish Hackers,” Arrested
– Estonian Arrested: Accused of Supplying Hacking Tools to Russia
– Teen among suspects arrested in Android banking malware scheme