Blockchain & Cryptocurrency , Cybercrime , Fraud Management & Cybercrime

Police Arrest 6 in $28 Million Cryptocurrency Fraud Probe

'Cyber Dogs' Deployed to Search Suspects' Home for Hidden Storage Media
Police Arrest 6 in $28 Million Cryptocurrency Fraud Probe
"Digital storage detection police dogs" Rob (left) and Tweed were used to search suspects' homes for hidden storage devices, police say. (Photos: Devon & Cornwall Police)

Six suspects have been arrested as part of an international police investigation tracing the theft of at least $28 million worth of bitcoin cryptocurrency. Police allege that the fraudsters created look-alike sites for the Blockchain.com cryptocurrency exchange - and perhaps others - and tricked users into visiting them by making fraudulent Google Adwords buys that led Google search users to the spoofed sites.

See Also: Live Webinar | CrowdStrike Co-Founder Unveils a Blueprint for Advanced Cyber Defense

Five men and one woman, ages 19 to 37, were arrested in simultaneous raids Tuesday morning as part of a joint operation involving the U.K.'s South West Regional Cyber Crime Unit and Politie, the Dutch national police. The joint operation has been backed by the EU's law enforcement intelligence agency, Europol, and its Joint Cybercrime Action Taskforce, as well as EU agency Eurojust, which handles judicial cooperation relating to criminal matters, and the U.K.'s National Crime Agency.

Three U.K. suspects, all men, have been arrested in the southwest English counties of Somerset and Wiltshire on charges of suspicion of committing computer misuse as well as money laundering. Two Dutch suspects were arrested in Amsterdam and Rotterdam on a charge of suspicion of committing money laundering, authorities say.

Police say the investigation centers on typosquatting, referring to the practice of fraudsters creating domain names that spoof the names of actual sites. In this case, police say the practice was used to spoof at least one "well-known online cryptocurrency exchange" so that when users mistyped the URL, they arrived at a look-alike version of the site. Such sites can be used to steal users' legitimate access credentials, enabling attackers to drain victims' cryptocurrency wallets.

Spoofed: Blockchain.com

"Evidence to date shows that victims have visited a spoofed version of blockchain.com by clicking on a bad URL promoted using Google Adwords," Detective Inspector Louise Boyce from the South West Regional Cyber Crime Unit tells Information Security Media Group. "Analysis of further devices seized as part of yesterday's operation may reveal other domains have also been spoofed."

More victims continue to come to light as police continue their investigation.

"The warrants were the result of 14 months of investigation," Boyce says. "The investigation has grown from a single report of £17,000 ($22,000) worth of bitcoin stolen from a Wiltshire-based victim to a current estimate of more than 4,000 victims in at least 12 countries. We expect that number to grow."

Unleash the Hard Drive Hounds

Boyce says that as part of the operation, "we've seized a large number of devices, equipment and valuable assets," with the help of numerous other U.K. police forces. Items seized are are now being subjected to digital forensic examination.

"Devon and Cornwall and the Metropolitan Police also provided vital help in the form of their two cyber dogs, who played key roles in searching suspects' homes," she said.

In 2017, England's Devon and Cornwall as well as Dorset police forces announced the launch of the country's first-ever "digital storage detection police dogs" program to test the concept. At the time, police said they were training two dogs in-house: Tweed, then a 19-month-old Springer Spaniel, and Rob, then a 20-month-old Labrador.

"These dogs will give the police a new way to fight the threat of terrorism, pedophiles and fraudsters," Chief Superintendent Jim Nye, commander of Dorset Police and Devon and Cornwall Police's Alliance Operations Department, said at the time. "Tweed and Rob have been used by police at crime scenes and executions of warrants, not just within Devon, Cornwall and Dorset, but across the whole U.K. The dogs have been used to sniff out data devices such as mobile devices, USB sticks, SD cards, hard drives and computers."


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.