Hong Kong police disrupted a global phishing syndicate operating hundreds of servers across the globe along with a slew of fake mobile applications aimed at stealing personal and banking information.
The law enforcement operation, dubbed Magicflame and supported by Interpol, lasted 11 months, reported the South China Morning Post.
Attackers sent victims phishing SMS messages that appeared to originate from a legitimate source, directing them to download an app. The app in fact was a banking Trojan that stole personal information such as bank account and credit card details, phone contacts and photographs. Servers located in Hong Kong received stolen data before forwarding it on to other infrastructure controlled by the phishing gang.
“We believe it was an overseas-based syndicate that made use of the city’s internet network to carry out illegal activities. We believe the syndicate ceased its illegal operations after the joint operation with Interpol,” Hong Kong police Senior Superintendent Raymond Lam Cheuk-ho told the newspaper.
Police officials told the newspaper that hackers behind the campaign masqueraded as well-known brands. Its operators resided in China, the Philippines and Cambodia and frequently switched servers to avoid detection. Seized servers showed personal data stolen from 519 phones whose owners reside mostly in Japan and South Korea.