The OPERA1ER group’s illicit activities have resulted in estimated losses of at least $11 million, with the potential to exceed $30 million.
In a breakthrough against cybercrime, authorities have apprehended a suspected senior member of the notorious cybercriminal organization known as OPERA1ER.
The arrest, which occurred in Côte d’Ivoire, a country in West Africa, marks a significant blow to the group’s criminal activities that have targeted financial institutions and mobile banking services across Africa, Asia, and Latin America.
The international operation, codenamed Nervone, was conducted in collaboration between INTERPOL, AFRIPOL, Group-IB, and Côte d’Ivoire’s Direction de l’Information et des Traces Technologiques (DITT).
OPERA1ER Cybercrime Group
OPERA1ER, also identified as Common Raven, Desktop-Group, and NXSMS, has been operating since at least 2016, carrying out highly-organized attacks using sophisticated techniques such as spear-phishing campaigns, malware distribution, and large-scale Business Email Compromise (BEC) scams.
The group has targeted financial institutions, telecoms firms, and mobile banking services, exploiting vulnerabilities to steal funds. Their illicit activities have resulted in estimated losses of at least $11 million, with the potential to exceed $30 million.
The cybercriminal gang’s malicious email campaigns first came to the attention of Group-IB in 2018, when they detected spear-phishing operations responsible for spreading remote access tools and other malware.
In a collaborative effort, INTERPOL’s Cybercrime Directorate, Group-IB, and Orange exchanged intelligence, allowing authorities to track the group’s activities and identify a likely location for their operations.
Additional support was provided by the United States Secret Service’s Criminal Investigative Division and Booz Allen Hamilton DarkLabs cybersecurity researchers, who confirmed leads crucial to the investigation.
How it occurred
The arrest of a key suspect in Côte d’Ivoire in early June resulted from the successful coordination of international efforts. The captured individual is believed to be a senior member of OPERA1ER and was involved in attacks against financial institutions across Africa.
Authorities are confident that this arrest will have a significant impact on the group’s criminal endeavours, disrupting their network and preventing further financial losses.
In a press release, Bernardo Pillot, INTERPOL’s Assistant Director of Cybercrime Operations, commended the operation, stating,
“Operation Nervone is a testament to what we can achieve through international collaboration and intelligence sharing. This successful operation marks a significant step in our ongoing mission to dismantle organized cybercrime networks, showcasing the power of collective action in stemming the tide against cybercrime.”Bernardo Pillot
The successful arrest of a senior member of the OPERA1ER cybercrime group demonstrates the importance of international collaboration and the tireless efforts of law enforcement agencies and cybersecurity experts in safeguarding financial systems and protecting individuals from cyber threats.
As the fight against cybercrime continues, authorities remain dedicated to dismantling criminal networks and ensuring the security of global cyberspace.