The United Kingdom’s National Crime Agency (NCA) arrested several dozen hackers last week in a campaign against cybercrime called ‘strike week.’
Federal officials conducted 25 separate operations in total, spanning England, Scotland and Wales arresting hackers on suspicion of a wide range of cybercriminal charges, including network intrusion and data theft, Distributed Denial of Service (DDoS) attacks, and malicious software and virus development.
Raids organized by the United Kingdom-based NCA were coordinated by its sub-organization, the National Cyber Crime Unit (NCCU), which combines the Police Central E-Crime unit (PCeU) and the cyber division of the Serious Organised Crime Agency. The FBI also helped by proving forensic information on a phishing gang.
One hacker arrested in strike week are being held on the suspicion of being the culprit for the attack on Yahoo, the United States Department of Defense (DoD) and PlayStation. The list of hackers and their crimes are as follows:
- A 23-year-old man was arrested for alleged offenses related to network intrusion on the U.S. Department of Defense (DoD). The breach related to a satellite communication system that was used by the Department of Defense. The hacker also accessed non-confidential contact information for nearly 800 users, including names, titles, email addresses, and phone numbers. Gaining him control over the information of 34,400 devices including IMEI numbers.
- A 21-year-old London man was taken into custody for being an alleged member of the ‘D33Ds Company’ hacking collective, the group that hacked into Yahoo in 2012, leaking some 400,000 email address and password combinations online.
- A 20-Year-Old London male arrested for committing an alleged £15,000 (roughly $22,647) phishing attack.
- A 25-Year-Old North London male arrested on suspicion of deploying malware against banks resulting in financial losses.
- The youngest, a 16-Year-Old believed to be apart of the Lizard Squad was arrested for alleged DDoS attacks believed to have targeted approximately 350 websites, including Lenovo.
- Two Men, 38 and 29 arrested for offenses related to the theft of valuable intellectual property from a London financial company.
- An 18-year-old was arrested for allegedly being the lead developer and administrator of the Titanium and Avenger stresser tools, commonly advertised on many hacking related forums, which were used to DDoS public sector and police websites.
- A hosting company whose servers are believed to be used to house suspected criminal infrastructure (severed a production order).
- Several individuals have been issued cease and desist orders for purchasing remote access tools (RATs).
- Along with several others listed on the official NCA website.
“These arrests around the country this week are a result of the essential partnership activity with law enforcement, industry and government that is at the heart of fighting cybercrime,” Andy Archibald, Deputy Director of the NCA’s National Cyber Crime Unit, said.
This is not the fist time law-enforcement has conducted massive raids against cybercrime cases. Just last year the U.S. Federal Bureau of Investigation (FBI) conducted raids in Europe and Australia, arresting more than 100 customers of the Blackshades Remote Administrative Tool (RAT) that was used as malware.
Blackshades and similar software allow hackers to remotely control the victims machines allowing them to turn on the webcam, steal username and passwords, gather personal information, abuse the computer to launch attacks against others among several other tasks. RAT’s are powerful tools among cybercriminals as it allows front line access to the machine and everything occurring within it.
Criminals can masquerade the malware into programs to help evade detection from antivirus engines. Blackshades was sold for as little as $40 via PayPal on many wide-spread public forums starting in 2010.
However, recent NCA raids did not just target specific customers of a product or hackers behind specific cybercriminal attacks, instead they arrested hackers behind phishing attacks, malware and one unnamed hosting agency.
The name ‘strike week’ suggest the NCA monitored all the activities of cybercriminal gangs and individuals, compiling strong evidence against them that led to the arrest and presumed trial against them.
Peter Goodman, the deputy chief of constable and national police lead for cybercime said cybercriminal actions are not victimless, stating “a high-end cyber-attack against financial institutions could have a far-reaching impact on our economy. Small- and medium-sized businesses can be bankrupted by a cyber-attack, with owners and staff losing their jobs.”