Get all your news in one place.
100’s of premium titles.
One app.
Start reading
AAP
AAP
Sam McKeith

AFP intel helps crack cybercrime syndicate in Malaysia

Intelligence from the AFP has helped police in Malaysia arrest suspected online scammers. (Lukas Coch/AAP PHOTOS)

Eight people have been arrested over their alleged role in a global cybercrime syndicate targeting federal government websites.

Malaysian authorities arrested the alleged e-criminals for developing kits for phishing - a scam based on fake emails or texts that trick people into giving over personal information - that targeted the government's myGov website.

The arrests were made after the AFP gave intelligence to Royal Malaysian Police that identified a Malaysian national advertising the phishing kits, the AFP said in a statement with the RMP and United States Federal Bureau of Investigation (FBI) on Monday.

A Malaysian national, 35, and seven other individuals who were allegedly mules for the man, were arrested and charged under Malaysian law over the scam.

AFP Detective Superintendent Darryl Parrish said Australians lost more than $24.6 million to phishing attacks last year.

"Cybercriminals will use any tools and tricks to exploit people for their own profit, in this case it is mimicking trusted government websites," Det Supt Parrish said.

The AFP outlined the operation and architecture of the phishing service, and identified a link with a "bulletproof" hosting service that facilitated the criminal activity, the agencies said.

The kits allegedly contained phishing templates and scripts replicating government websites in Malaysia, Australia and the US, and were being sold to e-criminals.

The FBI linked the "bulletproof" hosting service to the alleged organised criminal syndicate.

Investigators seized more than 60 terabytes of data, including three servers and one network storage device, the agencies said.

The arrests come after the federal government released this month a national cyber security strategy aimed at becoming a world leader e-security by 2030, after it conceded authorities lacked methods to hold cyber criminals at bay.

Australia has been rocked in recent times by a series of hacks on prominent companies including Optus, Medibank and ports operator DP World Australia. 

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.