Cyber Security News

Europol Dismantled 50+ Servers Used For Fake Online Shopping Websites

Europol, in collaboration with law enforcement across Europe, has taken down a sophisticated cybercriminal network responsible for large-scale online fraud.

Over 50 servers were seized, a trove of digital evidence was secured, and two primary suspects are now in pretrial detention, marking a significant victory in the fight against cybercrime.

Discovery of a Criminal Network

The investigation, spearheaded by Germany’s Hanover Police Department (Polizeidirektion Hannover) and the Verden Public Prosecutor’s Office (Staatsanwaltschaft Verden), began in late 2022 after reports surfaced of fraudulent phone scams.

Victims were tricked into disclosing sensitive information by callers posing as bank employees.

Free Webinar on Best Practices for API vulnerability & Penetration Testing:  Free Registration

The stolen data was traced to a specialized online marketplace—a central hub for trading illegally obtained personal information, sorted conveniently by region and account balance.

This marketplace served as the foundation for the criminal operation, enabling scammers to purchase targeted data and commit fraud with alarming precision.

Investigators also uncovered an intricate network of fake online shopping websites, designed to phish consumers’ payment credentials. The stolen information was then sold on the marketplace, generating substantial profits for the operators of the scheme.

On December 4, authorities carried out synchronized enforcement actions across several European countries.

Investigations and raids were conducted in Germany and Austria, while the infrastructure supporting the criminal network, including over 50 servers, was dismantled in Germany, Finland, the Netherlands, and Norway.

In total, over 200 terabytes of critical digital evidence were seized, shedding light on the network’s extensive operations.

Two primary suspects—a 27-year-old arrested in Germany and a 37-year-old detained in Austria—are currently facing pretrial detention under European arrest warrants.

Europol’s European Cybercrime Centre (EC3) played a pivotal role in the operation, providing expertise, resources, and intelligence-sharing platforms to assist national authorities.

With its advanced forensic capabilities and a dedicated task force of data scientists, Europol analyzed vast amounts of digital evidence to uncover critical links in the network. On the day of the action, three EC3 experts were deployed to Germany and Austria to support local law enforcement.

The operation is a testament to effective multi-agency cooperation, with contributions from law enforcement agencies in Austria, Czechia, Finland, Germany, the Netherlands, and Poland.

The success of this operation highlights the growing strength of international collaboration in combating cybercrime and protecting digital ecosystems from criminal exploitation.

Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network infrastructure…

8 hours ago

Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft

The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted on…

8 hours ago

Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload

Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to inject malicious DLLs into unsuspecting…

10 hours ago

Cybercriminals Exploit Network Edge Devices to Infiltrate SMBs

Small and midsized businesses (SMBs) continue to be prime targets for cybercriminals, with network edge…

10 hours ago

Criminal IP to Showcase Advanced Threat Intelligence at RSAC™ 2025

Joining Criminal IP at Booth S-634 | South Expo, Moscone Center | April 28 –…

10 hours ago

TP-Link Router Vulnerabilities Allow Attackers to Execute Malicious SQL Commands

Cybersecurity researchers have uncovered critical SQL injection vulnerabilities in four TP-Link router models, enabling attackers…

11 hours ago