All news with #law enforcement action tag

Operation Chargeback: Dismantling Global Card-Fraud Rings

🔍 Operation Chargeback led to coordinated raids and arrests targeting three alleged international fraud and money-laundering networks that exploited stolen payment data from more than 4.3 million cardholders across 193 countries. Authorities executed 60 searches and 18 arrest warrants after nearly five years of investigation, seizing assets and digital evidence. Investigators say the groups generated roughly 19 million fraudulent subscription charges, abused payment-provider systems and used shell companies to launder proceeds while masking low-value recurring fees to avoid detection.

UK Carriers to Block Spoofed Phone Numbers Within Year

🔒 Britain’s major mobile carriers have agreed to upgrade networks to eliminate phone-number spoofing within a year under the new Telecoms Charter. The pact, signed by BT EE, Virgin Media O2, Vodafone Three, Tesco Mobile, TalkTalk and Sky, requires call-origin labeling for international calls, broader data sharing with police, advanced tracing and faster victim support. Operators report AI systems already block millions of scam calls and texts monthly.

U.S. Treasury Sanctions North Korean Bankers, IT Scammers

⚖️ The U.S. Treasury's OFAC imposed sanctions on two North Korean financial institutions and eight individuals accused of laundering cryptocurrency stolen in cyberattacks and operating fraudulent IT worker schemes. Designated entities include Ryujong Credit Bank and Korea Mangyongdae Computer Technology Company (KMCTC), plus named bankers linked to ransomware proceeds. The actions block property under U.S. jurisdiction and warn financial institutions of secondary sanctions and enforcement risk for transacting with the listed parties.

Data Breach at Major Swedish Supplier Exposes 1.5M Records

🔒 Miljödata, an IT systems supplier for roughly 80% of Sweden's municipalities, disclosed an August 25 cyberattack that exposed personal data tied to 1.5 million people and included a 1.5 BTC extortion demand. The incident disrupted services across multiple regions and prompted immediate involvement from CERT‑SE, police and the Swedish Authority for Privacy Protection (IMY). Investigations will prioritize Miljödata's security and municipal data handling, with special attention to children's data and protected identities.

Europol, Eurojust Bust €600M Crypto Fraud Network Globally

🔎 Europol and Eurojust led a coordinated sweep from October 27–29 across Cyprus, Spain, and Germany that resulted in nine arrests tied to a cryptocurrency money‑laundering network accused of defrauding victims of €600 million (~$688 million). Authorities executed searches and seized €800,000 ($918,000) in bank funds, €415,000 ($476,000) in cryptocurrencies, and €300,000 ($344,000) in cash. Investigators say the group created dozens of fake crypto investment platforms and lured victims via social media ads, cold calls, fake news articles, and fraudulent celebrity testimonials. The scheme laundered proceeds using blockchain techniques and was disrupted after victim complaints spurred a cross‑border investigation.

European Police Bust International Crypto Investment Scam

🔍An international cryptocurrency investment and money‑laundering network has been dismantled in Europe after coordinated operations by French, Belgian and Cypriot authorities. Nine suspects were arrested across Cyprus, Germany and Spain between October 27 and 30, and investigators seized roughly €1.6m in cash, bank funds, crypto wallets and luxury items. French prosecutors say the group ran dozens of fake trading platforms and used social media, phone calls and sponsored fake news to target hundreds of victims, laundering at least $700m in crypto proceeds.

European Police Bust €600M Cryptocurrency Investment Fraud

🔎 European authorities arrested nine suspected money launderers tied to a crypto investment fraud ring that stole over €600 million from victims across multiple countries. The coordinated raids on October 27 and 29 in Cyprus, Spain and Germany were led by Eurojust from The Hague. Investigators seized €800,000 in bank accounts, €415,000 in cryptocurrencies and €300,000 in cash. The suspects allegedly used dozens of fake investment platforms and social engineering — including social media ads, cold calls, fake news and celebrity testimonials — to recruit victims and then laundered proceeds using blockchain tools.

Cybersecurity Experts Charged Over BlackCat Ransomware

🔒 Three cybersecurity professionals have been indicted for allegedly operating an ALPHV/BlackCat ransomware affiliate network that attacked at least five U.S. companies between May and November 2023. Prosecutors named former Sygnia incident response manager Ryan Clifford Goldberg and negotiator Kevin Tyler Martin of DigitalMint, accusing them of exfiltrating data, encrypting systems, and demanding cryptocurrency extortion payments. An FBI affidavit describes encrypted dark‑web negotiations, multi‑hop transfers using privacy coins such as Monero, and meticulous spreadsheets that tracked ransoms, receipts, and wallet addresses. Charges include conspiracy to extort and intentional damage to protected computers, with potential forfeiture of crypto assets.

U.S. Prosecutors Indict Three Over BlackCat Ransomware

🔒 Federal prosecutors have indicted three U.S. nationals accused of using BlackCat (ALPHV) ransomware to breach five companies between May and November 2023 and extort payments. The defendants—Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co‑conspirator—allegedly targeted firms in medical devices, pharmaceuticals, clinical care, engineering, and drone manufacturing. Two were employed by cybersecurity firms at the time; both employers say they cooperated with investigators.

Conti Suspect Appears in US Court After Extradition

🔒 A Ukrainian national extradited from Ireland has appeared in a US court, accused of conspiring to deploy Conti ransomware and manage stolen data and ransom notes. Authorities allege Oleksii Lytvynenko participated in attacks between 2020 and July 2022 that resulted in more than $500,000 in cryptocurrency extorted from victims in the Tennessee district and the publication of additional stolen data. He faces computer fraud and wire fraud conspiracy charges and could receive up to 25 years in prison if convicted.

Alleged Jabber Zeus Coder 'MrICQ' Extradited to U.S.

🔒 A Ukrainian man long accused of building and operating components of the Jabber Zeus banking trojan has been arrested in Italy and is now in U.S. custody. Prosecutors say 41-year-old Yuriy Igorevich Rybtsov, previously identified only by the handle MrICQ, was charged in a 2012 Nebraska indictment as a developer and notification handler for the group. Investigators allege Jabber Zeus used a custom ZeuS variant and a Leprechaun component to intercept credentials and bypass multi-factor protections, enabling large payroll thefts via recruited money mules.

Russian Police Arrest Suspected Meduza Stealer Operators

🔒 Russian authorities have arrested three individuals in Moscow accused of creating and operating the Meduza information‑stealing malware. Announced on Telegram by police general Irina Volk, investigators say the group developed and distributed Meduza via hacker forums around two years ago and offered it as a subscription-based service. The tool steals browser-stored credentials and cryptocurrency data and, since December 2023, can resurrect expired Chrome authentication cookies to facilitate account takeover. Authorities opened a criminal case after operators targeted an Astrakhan institution and seized confidential server data.

Ukrainian Extradited from Ireland on Conti Ransomware Charges

🔒 A 43-year-old Ukrainian national, Oleksii Lytvynenko, has been extradited from Ireland to the United States on charges tied to the Conti ransomware operation. U.S. authorities allege he controlled stolen data and participated in sending ransom notes during double-extortion attacks between 2020 and June 2022. Arrested by An Garda Síochána in July 2023, Lytvynenko could face up to 25 years in prison if convicted. Prosecutors say the conspiracy extorted cryptocurrency and targeted victims across multiple jurisdictions.

Nation-state Hackers Breach Ribbon Communications' Network

🔒 In a filing with the SEC, Ribbon Communications disclosed that unauthorized actors, reportedly tied to a nation-state, had access to its IT network, with initial intrusion activity traced as far back as December 2024. The company detected the breach in September 2025, has worked to terminate access, and is collaborating with third-party cybersecurity experts and federal law enforcement. Ribbon says it has not yet found evidence of material corporate data theft, although attackers accessed customer files on two laptops outside the main network.

Ex-L3Harris Executive Pleads Guilty to Selling Exploits

🔒 Peter Williams, a former general manager at L3Harris Trenchant, pleaded guilty in U.S. court to stealing and selling protected cyber-exploit components between 2022 and 2025. Prosecutors say he removed at least eight sensitive trade-secret exploit components intended for exclusive government use and sold them to a broker that works with the Russian government for $1.3 million in cryptocurrency. He now faces up to 10 years in prison and significant fines.

Defense Contractor Pleads Guilty to Selling Zero-Days

🛡️ The former general manager of L3Harris cyber-division Trenchant, Australian national Peter Williams, pleaded guilty in a US district court to stealing and selling zero-day exploit components to a Russian cyber broker. Prosecutors allege he exfiltrated at least eight exploit components via encrypted channels in exchange for millions in cryptocurrency and follow-on support payments. Authorities say the code could be worth tens of millions and that the broker’s clients include the Russian government, creating a national security threat. Williams faces up to 20 years in prison and significant fines.

Support for Dobrindt's Active Cyber Defense Plan in Germany

🛡️ Federal Interior Minister Alexander Dobrindt's proposal for active cyber defense has drawn cross-party, cautious approval as he prepares a legal amendment to counter attacks originating from servers abroad. A ministry spokesperson says the measures would allow intervening steps to stop or mitigate attacks by manipulating or disrupting the IT systems or data traffic used, and stressed this is not about hackback or broad retaliatory strikes. Greens signaled conditional support if the approach follows rule-of-law principles, CDU security figures praised a more proactive stance, and Dobrindt expects to present the amendment to cabinet next year.

Europol Raises Alarm Over Caller ID Spoofing Crisis

🚨 Europol has issued a Position Paper warning of a rising wave of caller ID spoofing, where criminals falsify numbers to impersonate banks, government bodies or relatives. The agency estimates global losses around €850m annually and reports spoofing now underpins roughly 64% of phone- and SMS-related fraud. Europol calls for harmonized technical standards, stronger cross-border cooperation and regulatory convergence to make spoofing harder to perpetrate and easier to investigate.

Louvre Apollo Gallery Jewel Heist Reveals Security Gaps

🔍 The theft at the Louvre—where four thieves used an electric ladder, an angle grinder and seven minutes to remove jewels from the Apollo Gallery—exposed stark security lapses. A single outdoor camera pointed away from the balcony left no interior footage, and guards appeared focused on patrons rather than valuables. Arrests have been reported, but the pieces' likely disassembly will greatly reduce their recoverable value.

Europol Dismantles Network Behind 49 Million Fake Accounts

🔒 Europol, together with police in Estonia, Finland, Latvia and Austria, dismantled a cybercrime-as-a-service network during coordinated raids on October 10. Seven suspects were arrested and authorities seized five servers, some 40,000 active SIM cards, luxury vehicles, bank accounts and crypto wallets. Investigators say the operation created roughly 49 million fake accounts across about 80 countries and used those identities to swindle millions of euros.