Cybercrime Operations in 2023
In 2023, law enforcement agencies conducted numerous operations to combat various cybercrimes, such as cryptocurrency fraud, phishing attacks, theft of accounting data, malware development, and ransomware attacks.
While some of these operations were more successful than others, law enforcement agencies have increasingly resorted to hacking tactics to infiltrate criminals’ infrastructure and track their activities.
Below is a list of the largest operations that took place during the year:
Hive Ransomware Operation Discontinued After FBI Hacked the Group’s Systems
The US Department of Justice and Europol announced the discontinuation of the Hive ransomware operation after agents secretly accessed the Hive group’s systems in July 2022. The agencies conducted covert surveillance on the cybercriminals for six months.
In January 2023, the FBI seized Tor sites associated with the Hive ransomware operation, which facilitated payments and data leaks. Following the seizure, the group members apparently renamed themselves as Hunters International after a brief hiatus.
Police Hacked the ‘Protected’ Exclu Messaging Platform to Track Criminals
The Exclu investigation was started in 2020 by the German police after the dismantling of the German Internet provider Cyberbunker (also known as CB3ROB), which hosted several criminal websites, including The Pirate Bay and Exclu. During the operation, the police conducted 79 targeted searches in the Netherlands, Germany, and Belgium, resulting in the arrest of 42 individuals.
Doppelpaymer Gang Became Target of Europol Operation
During a Europol operation, raids were carried out at the residences of key members of the Doppelpaymer gang, who were allegedly involved in various cybercrimes.
Police Confiscated Netwire Trojan Infrastructure and Arrested Administrator
An international law enforcement operation, involving the FBI and police agencies worldwide, led to the arrest of a suspect who had allegedly operated a website for several years, selling the Netwire Remote Access Trojan (RAT). The operation also resulted in the confiscation of the domain and host server of the service.
Netwire was advertised as a legitimate remote administration tool for Windows but has been widely used for malicious activities since at least 2014. These activities include phishing, Business Email Compromise (BEC) attacks, and hacking corporate networks.