Arrested: 4 most active hackers involved in SIM Swap, malware attacks

Cybercriminals across Poland are on the run as Polish police have launched a countrywide crackdown in collaboration with Europol.

In March 2020, it was reported that Europol busted a SIM-swapping network working across Europe. Now, four suspected hackers have been arrested by the Polish Police Centre Bureau of Investigation (Centralne Biuro Śledcze Policji).

The arrests are a result of a countrywide crackdown against cybercriminals.

The detained individuals are allegedly part of coordinated cybercrime campaigns. Polish authorities claim they are “the most active cybercriminals in the country.”

The operation was carried out under the supervision of the provincial police headquarters’ cybercrime divisions, the Regional Prosecutor’s Office in Warsaw (Prokuratura Regionalna w Warszawie), and Europol’s European Cybercrime Centre (EC3).

The arrested suspects are reportedly involved in a wide range of cybercrime activities, including malware distribution, SIM swapping, and e-commerce fraud.

The investigators revealed that two suspects distributed malware, including Remote Access Tools (RATs) and mobile malware. They distributed the malware via phishing emails disguised as emails from government institutions. This particular scam claimed more than 1,000 victims across Poland.



Moreover, the criminals stole sensitive private data, including bank account credentials, after deploying malware on the victims’ phones and PCs. Using the stolen data, they impersonated the victims to the victims’ mobile phone operators in order to carry out SIM swapping.

According to Europol’s press release, as soon as they obtained the SIM, they could spy on the user, keep track of all the text messages and incoming calls, and receive the one-time banking passwords.


What is a SIM swapping attack?

SIM swapping is also known as SIM hijacking. It is a kind of identity theft in which an attacker fraudulently obtains a new SIM card for someone else's phone number and uses it for personal gain, without the knowledge or consent of the original user of the phone number.

To get the duplicate SIM card, the attacker usually calls the telecom firm and convinces its customer support service that they are the actual owner of the phone number by providing the target’s personal information. The telecom firm then ports the phone number to a new SIM card that is received by the attacker.



In this case, the hackers used the passwords to transfer money from the victims’ bank accounts into their own accounts or crypto wallets. They were able to steal more than €147,000 (PLN 662,000) through SIM swapping.

One of the four suspects ran 50 fake e-commerce stores and defrauded approximately 10,000 people. Some of these bogus shops also distributed malware. Two of the hackers were behind a string of bomb threats sent to kindergartens all over Poland, which resulted in the evacuation of 13,350 individuals.
