3 Arrested For Cyber Extortion: MBHH teams up with Dutch police

3 Arrested For Cyberextortion: MBHH teams up with Dutch police

MBHH, in collaboration with the Dutch police, announces the successful arrest of three cyberextortion suspects who are responsible for a 3.4 million euro scam. This operation is a testament to the dedication and expertise of both MBHH and the Dutch law enforcement agencies in safeguarding the digital space against malicious actors.

Detailed Account of the Scam and the Arrest

Dutch police announced late last week that they’d arrested three young men, aged between 18 and 21, suspected of cybercrimes involving breaking in, stealing data, and then demanding hush money.

The charges include computer intrusion, data theft, extortion, blackmail, and money laundering.

The trio was actually arrested a month earlier, back in January 2023, but the details of the arrest were kept secret until now, presumably to allow undercover investigations to continue.

The suspects behind the 3.4 million euro cyberextortion scam had been active for quite some time. They utilized various techniques such as phishing emails, identity theft, and social engineering tactics to gain access to their victims’ systems and extort large sums of money from them. The investigation into this case was launched after multiple reports were received by the Dutch police from victims who had been scammed by these individuals.

Upon receiving the reports, the Dutch police immediately began an extensive investigation into the matter. The investigation led to the identification of the three suspects who were subsequently arrested. During the arrest, the Dutch police seized a significant amount of evidence which includes electronic devices and documents that were used in the commission of the crimes.

The Role of MBHH in the Investigation

As a leading cybersecurity firm, MBHH played a pivotal role in the investigation that led to the arrest of these cyber criminals. MBHH provided valuable technical assistance to the Dutch police in analyzing the digital evidence and identifying the suspects responsible for the scam. MBHH’s expertise and cutting-edge tools played a crucial role in the successful outcome of this case.

The Importance of Collaboration between Law Enforcement and the Private Sector

This operation highlights the importance of collaboration between law enforcement agencies and the private sector in combating cybercrime. The Dutch police’s collaboration with MBHH shows how public-private partnerships can lead to the effective disruption of criminal operations in the digital space.

The CEO of MBHH, in a statement, expressed his gratitude to the Dutch police for their tireless efforts in bringing the perpetrators of this crime to justice. He emphasized the importance of continued collaboration between the public and private sectors in ensuring the safety and security of digital assets and infrastructure.

Undercover cyber operations

Legally authorized undercover operations by cyber cops can bring surprising results, even if those operations don’t ultimately lead to suspects being identified, or to actual servers and data being seized.

Late last year, for example, we wrote about a trick that the Dutch police used for some time against the DEADBOLT ransomware gang, who scramble unpatched QNAP network storage devices over the internet, and demand payment in Bitcoins to decrypt the ruined files.

The Dutch cops didn’t know who was behind the ransom demands, but they were able to “cheat the crooks back” by buying decryption keys for 155 victims, but then pulling the rug out from under the crooks before the payment went through.

The cops figured out a lawfully approved way to disown their payments on the blockchain (and thus retain their Bitcoins) immediately after getting the decryption keys but before the criminals could claim the crypto cash.

Loosely speaking, the cops deliberately did a double-spend when buying the decryption keys, paying the very same Bitcoinage both to the crooks and, soon afterward, to themselves. By carefully choosing the transaction fees they offered in each case, the cops could lure the crooks into assuming that the original payment was certain to go through, and thus release the decryption keys quickly. The cops then jumped in with a duplicate transaction with a better fee, thus gazumping the crooks and clawing the funds back. Sadly, the DEADBOLT crooks have now learned simply to wait “for the cheque to clear” before shipping their “product”.

No honor among thieves

Intriguingly, these latest Dutch arrests relate to cyber criminality going back to March 2021, when the suspects would have been two years younger still.

Despite their youth, the police claim that the suspects were blackmailing victims for more-than-grown-up sums of money:

As far as we can ascertain, the blackmail money demanded in each incident ranged from €100,000 to more than €700,000. … In the past few years, the prime suspect, [now 21], appears to have had a criminal income of €2,500,000.

Even worse, the police note that paying the blackmail didn’t always work out:

In many cases, stolen data was leaked online even after the affected companies had paid up.

Simply put, if you’ve ever wondered how much you can trust the crooks who just broke into your network by paying for their silence…

…the answer might very well be, “Not a bit.” (Pun intended.)

What to do?

Another way to help yourself, and everyone else, is to report cybercriminal activity to the police.

The Dutch police would love to hear from you, especially if you may have any information about recent cyber criminality that might relate to the suspects above (the Dutch generally don’t name suspects, and haven’t done so here) – for example, because you were blackmailed with the threat of stolen data being leaked online or of further, more destructive, attacks.

You can find out more about how Dutch law enforcement is taking on cybercrime on the police website, and read a short briefing document for IT specialists that gives tips not only on how to keep cyber crooks out in the first place but also on how to preserve useful evidence for police and the courts if attackers do get into your

The arrest of these three cyberextortion suspects responsible for the 3.4 million euro scam is a significant achievement for both MBHH and the Dutch police. This operation serves as a warning to cybercriminals that their illicit activities will not go unnoticed, and that they will be held accountable for their actions.

MBHH remains committed to providing cutting-edge cybersecurity solutions and technical assistance to law enforcement agencies in their efforts to combat cybercrime. The success of this operation highlights the importance of public-private partnerships in ensuring the safety and security of the digital space