Europol Take Down the Oldest Rex Mundi Hacker Group

The Internet oldest hacker group Rex Mundi was taken down supported by the Europol and the Joint Cybercrime Action Taskforce (J-CAT).

Rex Mundi hacker group was active since at least 2012, they cracked into several organizations and blackmail organizations demanding ransom.

They involved in the chain of attacks and contains a long list of victims AmeriCash Advance, Webassur, Drake International, Buy Way, Hoststar, Web solutions.it, Numericable, Habeas, AlfaNet, Domino’s Pizza, and the Swiss bank Banque Cantonale de Geneve (BCGE).

In last may 2017 a British company was the victim of the hacker group, a large amount of customer data has been compromised, the attack was claimed by “Rex Mundi” and they shared a number of login details to the company to prove they had access to the data.

“The French-speaking person also demanded a ransom of either almost EUR 580 000 for the non-disclosure of the customer data or over EUR 825 000 for information on the security breach and how to handle it. For each day the company failed to pay, there would be a ransom of EUR 210 000.”

With the information provided by Metropolitan Police in the UK, the international operation has been started. Five people from the hacker group were arrested by French authorities in June 2017 and the main suspect admitted that he “involved in blackmail but hired the services of a hacker on the dark web to carry out the cyber-attack.” reads Europol statement.

The French police arrested other two Hackers in October 2017 and the last participant in the group was also French national with coding skills and he was arrested in Thailand.

“As indicated in the report, for such financially motivated extortion attempts, attacks are typically directed at medium-sized or large enterprises, with payment almost exclusively demanded in Bitcoins.”

Also Read

1. Hackers Used Default/weakest Credentials for IoT Botnet Command and Control Server
2. China Government Hackers Compromised U.S Navy Contractor Computers & Stolen 614 gigabytes of Highly Sensitive Data.
3. Hackers Now Switching to Telegram as a Secret Communication Medium for Underground Cybercrimes