UK law enforcement agencies have played a major role in the dismantling of one of the world’s largest websites selling stolen credit card data, and the arrest of the organised crime group behind the site.
The case highlights the need to safeguard personal and financial information, as follows:
The Serious Organised Crime Agency (SOCA) and the Metropolitan Police Central e-Crime Unit (PCeU) have been working for a considerable time in close partnership with the Vietnamese High-Tech Crime Unit (HTCU), the US Federal Bureau of Investigation and other national and cross-border agencies.
The website, which is thought to have facilitated in excess of £100 million worth of credit card fraud worldwide over the last six years, had 16,000 customers – also worldwide. Via a secure login, fraudsters could access the site, known as “mattfeuter”, and specify the quantity and type of credit card data they wanted, before paying by credit card.
Arrests of eight hackers and distributors – the group’s ringleaders – were made in swoops in Ho Chi Minh City, Vietnam, and at the same time of three substantial customers in the UK.
The respective law enforcement agencies are in possession of the website’s user details and the operation continues, with further arrests anticipated. A number of other websites selling compromised data have also been taken down.
Previously, the arrests in Vietnam could not have been carried out because the country’s nationals had not been punishable for fraud perpetrated in other countries. However, close international cooperation resulted in a change to legislation, meaning that the criminals can be brought to justice in their own country.
The PCeU and SOCA Cyber are working jointly ahead of the establishment of the National Cyber Crime Unit (NCCU), part of the new National Crime Agency (NCA), which will be operating by the end of this year.
Andy Archibald, Deputy Director, Cyber and Forensics. SOCA and interim Deputy Director of NCCU, said: “This operation should leave those engaging in cyber criminality in no doubt that that they are neither anonymous, nor beyond the reach of law enforcement agencies. We and our partners – both in the UK and across the world – continue to protect the public and legitimate businesses by dismantling websites trading in stolen card data, as well as relentlessly pursuing the people who operate and frequent them.”
It is understood that Europol’s European Cybercrime Centre and a number of credit card companies are also cooperating with the investigation.