BC RCMP Help Dismantle Worldwide Cybercrime Network

A man uses a computer keyboard in Toronto on Oct. 9, 2023. The Canadian Press/Graeme Roy

B.C. RCMP said they have helped in dismantling a global cybercrime network in an international police operation that involved law enforcement from eight other countries.

As part of the operation, which started in 2022, police helped dismantle software and online infrastructure being used by the criminals to steal personal information from devices, they said.

The main suspect was arrested in Greece on Nov. 3 and is believed to have been operating software that allowed cyber criminals to gain remote control access over victims’ computers. Other aspects of the network allowed criminals to steal personal data like passwords and banking details.

RCMP said the operation, dubbed “Endgame,” is the “largest operation ever conducted to combat criminal infrastructure used for ransomware attacks worldwide.”

It said the dismantling was the third large-scale action of Operation Endgame, and police say the infrastructure was responsible for infecting hundreds of thousands of computers around the world with malware, with many victims not even aware their systems had been infected.

Officials said the dismantled malware contained “several million stolen credentials” and added that the main suspect had access to victims’ crypto wallets that were “potentially worth millions of euros.”

The operation is a collaboration between authorities in the Netherlands, Germany, the United States, Australia, France, Denmark, Belgium, the United Kingdom, and Canada. It also included support from Europol and Eurojust.

Police said the operation saw authorities take down several aspects of the network and “disrupt the infrastructure used by cybercriminals.”

RCMP said the malware used included an infostealer and a botnet, which it said are among the most commonly used software around the world to steal personal information.

Police said that criminal services have a business model where criminals can purchase a botnet, which is a network of infected computers, and take control over those computers. Data is then transferred to the criminal’s server.

A total of 1,025 servers were dismantled in the operation, according to RCMP. Mounties also seized 20 domain names as part of the law enforcement effort.

Supt. Adam MacIntosh, officer in charge of the cyber and financial investigation teams in the Pacific, said that cybercrime “knows no borders.”

“Operation Endgame demonstrates that when law enforcement agencies unite across jurisdictions, we can dismantle even the most sophisticated criminal networks,” he said.

He added that the operation’s international cooperation sends “a clear message” to those who “exploit the digital landscape to harm our communities, businesses and infrastructure.”

RCMP have urged all Canadians to take action to prevent malware infections, including updating all software, using trusted security software, being careful before clicking on attachments, using strong, unique passwords, backing up important data, and securing one’s Wi-Fi.

They’ve also advised users to only download software or files from official websites.

The RCMP has asked anyone who has been targeted by fraud or cybercrime to report it to local police.