December 3, 2023

A long-running series of cyber frauds of phishing credticards targeting the customers of French banks, telecoms, and multinational corporations ran under the mom de guerre ‘Dr HeX‘ arrested by Morocco police.

The arrest marked a milestone in a two-year investigation, dubbed ‘Operation Lyrebird’.

The starting point in its research to identify and deanonymize the alleged cybercriminal was the extraction of a phishing kit exploiting the brand of a large French bank.

Scripts contained in the phishing kit had its creator’s handle, Dr HeX, and a contact email address that was reused for other purposes across the web.

According to the DNS data analysis, this name was used to register at least two domains, which were created using the email from the phishing kit. A total of five email addresses associated with the accused were identified, along with six nicknames, and his accounts on Skype, Facebook, Instagram, and Youtube.

The suspect was involved in attacks on 134 websites from 2009-2018, leaving behind his signature name on the target web pages. Further analysis of Dr Hex’s digital footprint revealed his association with other malicious activities including posts on several underground forums related to malware development.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2023

December 2, 2023

Staples affected by a Cyber Attack

December 2, 2023

CISA KEV Update Part I – December 2023

December 1, 2023 2

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023
%d bloggers like this: