SINGAPORE: A cybersecurity operation has uncovered hundreds of malware-infected websites – including government portals – across Southeast Asia.
In a statement on Monday (Apr 24), the International Criminal Police Organisation (Interpol) said that the Interpol-led operation identified “nearly 9,000 command-and-control (C2) servers and hundreds of compromised websites, including government portals”.
Command-and-control servers can be used to control malware – malicious software, which can include computer viruses, spyware, and other malicious programmes.
“Analysis identified nearly 270 websites infected with a malware code which exploited a vulnerability in the website design application,” Interpol said. “Among them were several government websites which may have contained personal data of their citizens.”
A number of phishing website operators were also identified, including one with links to Nigeria, said Interpol, adding that further investigations into other suspects are still ongoing. One Indonesia-based criminal who was selling phishing kits via the Darknet had posted YouTube videos showing customers how to use the illicit software, it said.
The cybersecurity operation, which was run out of the Interpol Global Complex for Innovation (IGCI) based in Singapore, involved investigators from countries in the region, including Singapore, Indonesia, Myanmar, Philippines, Thailand and Vietnam.
It also involved experts from seven private sector companies – Trend Micro, Kaspersky Lab, Cyber Defense Institute, Booz Allen Hamilton, British Telecom, Fortinet and Palo Alto Networks.
IGCI Executive Director Noboru Nakatani said the operation was a perfect example of how the public and private sectors could work together to combat cybercrime.
“Sharing intelligence was the basis of the success of this operation, and such cooperation is vital for long term effectiveness in managing cooperation networks for both future operations and day to day activity in combating cybercrime,” said Mr Nakatani.
Assistant Commissioner Cheng Khee Boon, the commander of the Singapore Police Force (SPF)’s cybercrime command, said that SPF would spare no effort to track down cybercriminals.
“The Singapore Police Force will continue to work closely with our ASEAN counterparts and the Interpol community to eradicate criminal activities in the cyberspace. We will spare no effort to track down cybercriminals who think that they can operate under the impunity of cross jurisdictions,” he said in the Interpol statement.
Read more at http://www.channelnewsasia.com/news/singapore/nearly-9-000-malware-laden-servers-compromised-websites-found-in-8788270