According to Interpol, thousands of compromised systems have been uncovered in the ASEAN (Association of Southeast Asian Nations) region. The systems included Command and Control servers that were infected with malware.
An Interpol-led operation targeting cybercrime across the ASEAN region has resulted in the identification of nearly 9,000 Command and Control (C2) servers and hundreds of compromised websites, including government portals.
Researchers from Trend Micro, Kaspersky Lab, Fortinet, Palo Alto Networks Helped
Researchers from seven cybersecurity companies also took part in the research. Trend Micro, Kaspersky Lab, Cyber Defense Institute, Booz Allen Hamilton, British Telecom, Fortinet and Palo Alto Networks joined efforts to develop actionable information packages, Interpol explains.
Specialists from Interpol’s Cyber Fusion Center used this private sector information alongside cyber issues flagged by the countries in the ASEAN region. Thus, experts were able to highlight the threats and types of criminal activities. The analysis identified 270 websites infected with malicious code that exploited a vulnerability in the website design application. Among them were several government websites which were highly likely to contain personal citizen data.
Phishing websites were also discovered, as well as some of their operations. For example, “one criminal based in Indonesia selling phishing kits via the Darknet had posted YouTube videos showing customers how to use the illicit software,” Interpol says.
The threats posed by the 8,800 C2 servers found to be active across eight countries covered various malware families, including those targeting financial institutions, spreading ransomware, launching Distributed Denial of Service (DDoS) attacks and distributing spam. Investigations into the C2 servers are ongoing.
Why was the operation important?
As Chief Superintendent Francis Chan (Chairman of Interpol’s Eurasian cybercrime working group and Head of the Hong Kong Police Force’s cybercrime unit) said, the operation helped develop the capacity and expertise of officers in the participating countries. Thanks to the collaborative efforts, participants were able to identify and address different types of cybercrime activities which hadn’t been previously tackled, Chief Superintendent Chan adds.