Numerous members of the multinational KwaAZZ cybercriminal gang have been accused of offering money laundering services for valuable transactions involving malicious software.
This week, 20 members of the multinational cybercrime group QQAAZZ in the United States, Portugal, Spain and the United Kingdom were indicted for providing money laundering services.
These arrests are the result of an unprecedented international police operation coordinated by Europol and known as Operation 2BaGoldMule, in which the authorities of 16 countries participate. The police have carried out more than 40 searches in Latvia, Bulgaria, the United Kingdom, Spain and Italy.
The police also took charge of a large bitumen mining operation in Bulgaria in connection with KuaAZZ.
According to law enforcement, the gang provides services for numerous malicious operations, including Dridex, GozNym and Trickbot.
Since 2016, QQAAZZ has been trying to launder tens of millions of objects stolen from victims.
The QQAAZZ network, made up of members at various levels, mainly from Latvia, Georgia, Bulgaria, Romania and Belgium, opened and managed hundreds of corporate and individual accounts with financial institutions around the world to receive money from cybercriminals who stole it from victims’ accounts. The funds were then transferred to other bank accounts controlled by the QQAAZZ and sometimes converted into crypto-correct currency using flashing services designed to hide the original source of the funds. After accepting payment of up to 50%, QQAAAZZ returned the balance of the stolen money to its customers’ terminals.
The QQQAAZZ gang has advertised its services in numerous Russian-language online cybercrime forums as a global conspiracy bank dumping service.
A gang member used instant messaging applications to tell his client how to transfer stolen money to bank accounts under his control. Bank accounts have been opened by smugglers with forged Polish and Bulgarian legal identity documents.
QQAAZZ also attracts dozens of fictitious companies to open more bank accounts.
The money laundering operation involved hundreds of corporate and individual accounts with financial institutions around the world.
Part of the money was also converted into crypto-correct currency by acrobatic performances to hide the original source of the money.
The funds were then transferred to other bank accounts controlled by the QQAAZZ and sometimes converted into crypto-correct currency using flashing services designed to hide the original source of the funds. After accepting payments of up to 40-50%, QQAAAZZ returned the remaining stolen money to its cybercriminal customers.
Cybercriminals are constantly investigating new ways to misuse technology and financial frameworks to fall victim to millions of users around the world in the blink of an eye, according to Edwardas Schilleris, Director of Europol’s European Cybercrime Centre.
Today’s operation shows how, with good international coordination of law enforcement efforts, we can turn these criminals around and bring them to justice.
(Security issues – Hacking, cybercriminal gang QQAAZZ)