Sunday, June 15, 2025
HomeCyber AttackQQAAZZ Group Charged for Providing money-laundering Services to Malware Operations

QQAAZZ Group Charged for Providing money-laundering Services to Malware Operations

Published on

SIEM as a Service

Follow Us on Google News

Law enforcement agencies charged the QQAAZZ group for working with Cybercriminals around the world to launder money stolen from victims of computer fraud in the United States and worldwide.

The law operation was conducted in 16 countries resulting in the arrest of 20 individuals suspected to be part of the QQAAZZ criminal network.

Transnational Criminal Organization

In the operation, authorities searched for more than in Latvia, Bulgaria, the United Kingdom, Spain, and Italy. Among them, a larger number of searches were carried out in Latvia.

- Advertisement - Google News

The group believed to be laundered or attempted to launder, tens of millions of euros in stolen funds since 2016.

To manage the financial transactions the QQAAZZ network opened several bank accounts at financial institutions throughout the world to receive money from the Cybercriminals.

Once they receive money from cybercriminals who stole it from accounts of victims, it will get transferred to other QQAAZZ-controlled bank accounts and sometimes it will be converted to cryptocurrency.

For the transactions, the QQAAZZ group takes around 50-percent of the stolen funds and return to the cybercriminals.

“QQAAZZ advertised its services as a “global, complicit bank drops service” on Russian-speaking online cybercriminal forums where cybercriminals gather to offer or seek specialized skills or services needed to engage in a variety of cybercriminal activities.”

The world’s leading malware operators (e.g.: Dridex, Trickbot, GozNym, etc.) are benefited from the services provided by QQAAZZ.

Edvardas Šileris, Head of Europol’s European Cybercrime Centre, said: “Cybercriminals are constantly exploring new possibilities to abuse technology and financial frameworks to victimize millions of users in a moment from anywhere in the world. Today’s operation shows how through a proper law enforcement international coordination we can turn the table on these criminals and bring them to justice.”

In October 2019 five defendants were charged, one defendant charged in late March 2020 and 14 other defendants of the group charged yesterday.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

Operator Behind the Most Infamous GandCrab Ransomware Arrested in Belarus

Interpol Arrested 3 Indonesian Hackers Who have Hacked Hundreds of Ecommerce Websites With JS-Sniffer Malware

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Kali Linux 2025.2 Released: New Tools, Smartwatch and Car Hacking Added

Kali Linux, the preferred distribution for security professionals, has launched its second major release...

Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale

Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced...

NIST Releases New Guide – 19 Strategies for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released groundbreaking guidance to help...

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware's Spring Framework has been...

Credential Abuse: 15-Min Attack Simulation

Credential Abuse Unmasked

Credential abuse is #1 attack vector in web and API breaches today (Verizon DBIR 2025). Join our live, 15-min attack simulation with Karthik Krishnamoorthy (CTO - Indusface) and Phani Deepak Akella (VP of Marketing - Indusface) to see hackers move from first probe to full account takeover.

Discussion points


Username & email enumeration – how a stray status-code reveals valid accounts.
Password spraying – low-and-slow guesses that evade basic lockouts.
Credential stuffing – lightning-fast reuse of breach combos at scale.
MFA / session-token bypass – sliding past second factors with stolen cookies.

More like this

Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks

Fog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime:...

JSFireTruck Obfuscation Helps Cybercriminals Hijack Trusted Sites with Malicious JavaScript

A sophisticated and extensive cyber attack campaign has been uncovered, in which threat actors...

Don’t Click “Unsubscribe” links blindly It May Leads to Loss of Credentials

Imagine your inbox is overflowing with promotional emails—some from familiar companies, others less so....