In the News

Sharing threat information among peers benefits all parties through awareness, informed decision making, and increased resilience. The NCFTA sharing model also includes responsible sharing with and support of law enforcement to enable authorities to disrupt cyber-criminal actors and groups wherever they may be. This is a big reason why we do what we do; to impose a consequence on those who leverage the internet to criminally benefit themselves or others.

Included below are press releases pertaining to successful law enforcement investigations and other newsworthy items in which the NCFTA or NCFTA community played a supporting role.

Congratulations to those law enforcement agencies, case agents, and prosecutors who have invested countless hours while seeking justice for exploited victims.

Featured Stories

September 26, 2024

Two Russian Nationals Charged in Connection with Operating Billion Dollar Money Laundering Services

Justice Department Seizes Web Domains for Multiple Illicit Crypto Exchanges

July 26, 2024

Operation Chakra-II: India's CBI takes Action to dismantle major cyber crime network, arrests 43

India's Central Bureau of Investigation arrests 43 and disrupts major international criminal call center responsible for targeting victims globally.

July 19, 2024

UK Arrests Suspected Scattered Spider Hacker Linked to MGM Attack

UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective...the arrest is part of a broader investigation conducted by the National Crime Agency and the FBI into a hacking group known to breach networks, steal data, and deploy ransomware in extortion schemes.

May 29, 2024

911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation

YunHe Wang, a People's Republic of China national, was arrested on May 24 on charges that he created and operated the world's largest botnet and deployed malware across millions of residential Windows computers worldwide. Wang generated millions of dollars by offering cybercriminals access to these infected computers for a fee.

December 18, 2023

Police Raid “Skimmer Manufacturing Lab” in Houston Airbnb, Charge Romanian Suspects Who Crossed Canadian Border

Four suspects, believed to be connected to Romanian crime families, have been charged in connection to a card skimming scheme. The group allegedly crossed the border from Canada into Vermont and cut off their court-ordered GPS ankle monitors before placing credit card skimmers at several locations while temporarily staying in Houston, according to court documents.

November 14, 2023

RUSSIAN NATIONAL PLEADS GUILTY TO OPERATING ILLEGAL PROXY SERVICE THAT INFECTED TENS OF THOUSANDS OF INTERNET-CONNECTED DEVICES

Sergei Makinin, a Russian and Moldovan national, pled guilty to three counts of knowingly causing the transmission of a program that intentionally caused damage without authorization to protected computers.

August 29, 2023

Qakbot Malware Disrupted in International Cyber Takedown

Qakbot malware infected more than 700,000 victim computers, facilitated ransomware deployments, and caused hundreds of millions of dollars in damage. The action represents the largest U.S.-led financial and technical disruption of a botnet infrastructure leveraged by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.

July 24, 2023

SoCal Skimmer Gets Prison for Million-Dollar Financial Identity Theft Scheme

A Los Angeles resident was sentenced to 41 months in prison for repeatedly installing at least 54 skimming devices at gas pumps throughout Southern California. Haykaz Mansuryan is the third co-conspirator in this scheme to be sentenced. Two additional defendants are presently set for a jury trial. One defendant, Petros Armutyan, remains a fugitive. The remaining 3 defendants are pending sentencing.

April 11, 2022

Justice Department Investigation Leads to Shutdown of Largest Online Darknet Marketplace

Russian Resident Indicted on Conspiracy Charges Related to Operating Hydra Market

April 6, 2022

Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU)

The operation copied and removed malware known as “Cyclops Blink” from the botnet’s command-and-control devices, disrupting the GRU’s control over thousands of infected devices worldwide. Victims must take additional steps to remediate the vulnerability and prevent malicious actors from further exploiting unpatched devices.

March 30, 2022

Global Operation Disrupts Business Email Compromise Schemes

Following on the success of Operation Wire Wire and Operation reWired, the FBI conducted another significant, coordinated effort to disrupt Business Email Compromise (BEC) schemes that intercept and steal wire transfers sent by businesses and individuals. The U.S. Department of Justice and international law enforcement partners carried out Operation Eagle Sweep over a three-month period and arrested 65 suspects in the United States and overseas, including 12 in Nigeria, eight in South Africa, two in Canada, and one in Cambodia. In parallel with Operation Eagle Sweep, Australia, Japan, and Nigeria conducted local operations targeting BEC actors.

March 9, 2022

Texas Man Sentenced to Prison for Defrauding National On-line Retailers

Adam George Redmon, age 38, of Austin, Texas, was sentenced to a year and a day in federal prison for mail fraud that victimized at least eleven national retailers and financial institutions.