Tag Archives: Europol

Europol investigating 5,000 organized crime groups

Some 5,000 organized crime groups are active in Europe, with more than one-third of the rings involved in illicit drug trade, the EU law enforcement agency Europol said in a large-scale report Thursday.

Drug trade generates 24 billion euros (25 billion dollars) in profits every year.

The groups are also engaged in counterfeiting currency, migrant smuggling, arms trafficking and an array of cybercrime, including child sexual exploitation and bank fraud.

Continue reading Europol investigating 5,000 organized crime groups


World’s most advanced hacking spyware let loose

A participant sits with a laptop computer at the Chaos Communication Congress in December 2010

A cyber snooping operation reminiscent of the Stuxnet worm and billed as the world’s most sophisticated computer malware is targeting Russian and Saudi Arabian telecoms companies.

Cyber security company Symantec said the malware, called “Regin”, is probably run by a western intelligence agency and in some respects is more advanced in engineering terms than Stuxnet, which was developed by US and Israel government hackers in 2010 to target the Iranian nuclear programme.

The discovery of the latest hacking software comes as the head of Kaspersky Labs, the Russian company that helped uncover Stuxnet, told the Financial Times that criminals are now also hacking industrial control systems for financial gain.

Organised criminals tapping into the networks that run industrial companies, alongside the development of the latest online snooping worm, are signs of the increasingly sophisticated nature of cyber attacks.

“Nothing else comes close to this . . . nothing else we look at compares,” said Orla Cox, director of security response at Symantec, who described Regin as one of the most “extraordinary” pieces of hacking software developed, and probably “months or years in the making”.

However, a western security official said it was difficult to draw conclusions about the origins or purpose of Regin. “It’s dangerous to assume that because the malware has apparently been used in a given country, it did not originate there,” the person said. “Certain states and agencies may well use tools of this sort domestically.”

Symantec said it was not yet clear how Regin infected systems but it had been deployed against internet service providers and telecoms companies mainly in Russia and Saudi Arabia as well as Mexico, Ireland and Iran.

The security software group said Regin could be customised to target different organisations and had hacked Microsoft email exchange servers and mobile phone conversations on major international networks.

“We are probably looking at some sort of western agency,” Ms Cox said. “Sometimes there is virtually nothing left behind – no clues. Sometimes an infection can disappear completely almost as soon as you start looking at it, it’s gone. That shows you what you are dealing with.”

Meanwhile, Eugene Kaspersky, chief executive of Kaspersky Labs, warned that the computer networks that control energy plants and factories are becoming targets for organised crime gangs armed with skilled hackers. He said there was evidence of “more and more very targeted attacks” of the networks that run industrial companies.

The attacks go beyond recent data breaches at US bank JPMorgan and US retailer Home Depot, in which criminals sought credit card details or personal data to attempt false transactions. Mr Kaspersky said criminals have used hacking for everything from bypassing security at ports to stealing grain from a Ukrainian factory by adjusting the digital scales to read a lower weight.

The most public incident of cyber industrial crime was exposed when Europol smashed a drugs ring last year that was hacking into the control systems of the Belgian port of Antwerp, to move containers holding drugs away from the prying eyes of customs inspectors.


Global Web Crackdown Arrests 17, Seizes Hundreds Of Dark Net Domains

Photo: Josh Valcarcel/WIRED

When “Operation Onymous” first came to light yesterday, it looked like a targeted strike against a few high value targets in the Dark Web drug trade. Now the full scope of that international law enforcement crackdown has been revealed, and it’s a scorched-earth purge of the Internet underground.

On Friday, the European police agency Europol along with the FBI and the Department of Homeland Security announced that the operation has now arrested 17 people in as many countries and seized hundreds of Dark Web domains associated with well over a dozen black market websites.

In addition to the takedowns of drug markets Silk Road 2, Cloud 9 and Hydra revealed Thursday, it’s also busted contraband markets like Pandora, Blue Sky, Topix, Flugsvamp, Cannabis Road, and Black Market. Other takedown targets included money laundering sites like Cash Machine, Cash Flow, Golden Nugget and Fast Cash.

And agents have taken from criminal suspects more than $1 million in bitcoin, $250,000 in cash, as well as an assortment of computers, drugs, gold, silver and weapons that they had yet to fully catalogue.

In all, the agency says it’s seized 414 “.onion” domains, the web addresses used by the anonymity software Tor that hides the physical location of those sites’ servers.

When WIRED spoke Thursday night with Troels Oerting, head of the European Cybercrime Center, he said his staff hadn’t even had time to assemble the full list of sites it’s pulled down in the sprawling operation.

“One of the primary targets was the Silk Road guy,” said Oerting, referring to Blake Benthall, the 26-year old coder arrested in San Francisco Wednesday and accused of managing the popular Silk Road 2 drug site. “But we also decided to see if we could identify more of the administrators of these sites and remove their infrastructure as well…Some moved before we could act, but we’ve taken most of our targets down.”

Europol didn’t immediately share the details of the 17 arrests related to the operation. But aside from Benthall, it revealed earlier on Thursday that two individuals had been arrested in Dublin in a large Dark Web-related drug bust.

Silk Road 2 seized

Just how law enforcement agents were able to locate the Dark Web sites despite their use of the Tor anonymity software remains a looming mystery. In its criminal complaint against Benthall, for instance, FBI agent Vincent D’Agostini writes merely that in May of 2014 the FBI “identified a server located in a foreign country believed to be hosting the Silk Road 2.0 website at the time,” without explaining how it bypassed Tor’s protections.

The sheer number of Tor-hosted sites affected by the takedown raises questions about whether law enforcement officials may have found new vulnerabilities in Tor’s well-tested anonymity shield.

Asked how Operation Onymous located the sites, Europol’s Oerting was unapologetically secretive. “This is something we want to keep for ourselves,” he said. “The way we do this, we can’t share with the whole world, because we want to do it again and again and again.”

The organization that created and maintains Tor, the non-profit Tor project, said it didn’t have any more information on Operation Onymous’ techniques. But it downplayed the threat of a vulnerability in Tor’s safeguards for the tough-to-trace sites it protects known as Tor hidden services.


“It sounds like old-fashioned police work continues to be effective,” said Andrew Lewman. “It could be [that law enforcement targeted] common people or organizations running these hidden services, or a hosting company, or something more mundane than a hidden service exploit.”


Despite whatever tricks Europol and its American counterparts used to unmask the sites, several of the most popular Dark Web drug markets have nonetheless eluded them.

study by the non-profit Digital Citizens Alliance in September found that the six most popular Tor-based markets by total product listings were Silk Road 2, Agora, Evolution, Pandora, Andromeda, and BlueSky. Operation Onymous captured fully half of those top sites.

But Agora, Evolution and Andromeda remain online and will likely absorb many of the refugee buyers and sellers from the law enforcement busts.

In fact, Agora had already passed the Silk Road in total product listings with more than 16,000 mostly-illegal offerings, and the fast-growing marketplaceEvolution was already on pace to soon take the second place spot in the underground economy.

Operation Onymous comes just over a year after the takedown of the original Silk Road drug site and the arrest of its alleged creator Ross Ulbricht, whose trial is scheduled for January.

In an open letter to Attorney General Eric Holder just last week, New York Senator Charles Schumer called for a renewed crackdown on the flourishing Dark Web sites that have filled the void left by the original Silk Road.

He pointed to statistics that show that more than twice as many drugs are now being sold on the Dark Web compared to when the original Silk Road was online.

Though Operation Onymous left many of that underground economy’s major players intact, Europol’s Oerting said he was more confident than ever that the remaining sites can be tracked down and pulled off the Internet.

“This is just the beginning of our work. We will hunt these sites down all the time now,” he said, praising the cooperation of all the international law enforcement agencies involved.  “We’ve proven we can work together now, and we’re a well-oiled machine. It won’t be risk-free to run services like this anymore.”

“Operation Archimedes” yields 1,000 organized crime arrests for Europol


European police made more than 1,000 arrests in a 10-day, continent-wide sweep against organized crime this month that netted suspected people traffickers and cocaine smugglers, law enforcement officials said on Wednesday.

The operation was carried out in towns, airports, and harbors and involved thousands of policemen from all 28 countries of the European Union and six non-European countries.

Police identified 200 victims of human trafficking and saved 30 Romanian minors from trafficking. Some faced forced worked in prostitution or begging gangs, Europol, Europe’s police organization, said.

“It’s the single largest coordinated assault on organized crime ever seen in Europe,” Rob Wainwright, the head of Europol, told a news conference at the organization’s headquarters.

He said the operation was made necessary by the increasing sophistication and interconnectedness of Europe’s crime groups, many of whom were using the hard-to-monitor “dark net” — or encrypted internet — to communicate with one another.

“Months in the planning, it was a carefully coordinated series of attacks on key nodal points and crime sectors that underpin the underground crime economy in Europe,” he said.

“What we have seen emerging is an integrated underground criminal economy,” he said.

Arrests were concentrated on criminal middlemen and go-betweens, as crime kingpins are not typically caught in sweeps but in operations designed to ensnare them.

Dubbed “Operation Archimedes,” 1,027 arrests were made between Sept. 15 and 23. Authorities seized 599 kilograms of cocaine, 200kg of heroin and 1.3 tonnes of cannabis.

The operation yielded leads that would result in further investigations and arrests, Europol said.

Authorities in United States and Colombia also helped in identifying new drug trafficking routes to Europe, including drugs increasingly being shipped in parcels sent by post.

%d bloggers like this: