Polish and Swiss law enforcement authorities, supported by Europol and Eurojust, dismantled a hacking group involved in distributing stolen user credentials, creating and distributing malware and hacking tools, and fraud. The hackers created a sophisticated script to gain access to a large number of Swiss customer accounts.
After a multi-location search at the end of April, Polish National Police arrested five individuals believed to be members of the group called InfinityBlack. They also seized assets valued at about €100 000, and shut down databases containing over 170 million entries.
InfinityBlack profited from selling the stolen credentials to other criminal groups. Swiss authorities got involved when stolen data was being used in Swiss shops. Europol assisted in coordination between the cyber-agencies of the two countries.
Why it matters
While password sharing by consumers poses a risk of infringing use of consumer video accounts, the much greater risk – to businesses that are compromised, and to consumers who suffer from malware attacks – comes from the sale of databases, such as this one.
It’s a reminder that video content and service providers should maintain strict security IT practices, using accepted guidelines. One example is the “Film and Production Security Guidelines” document published by CDSA, the Content Delivery & Security Association within MESA (the Media and Entertainment Security Alliance), an industry organization of the film industry.
Europol, the European Union Agency for Law Enforcement Cooperation, supports the fight against terrorism, cybercrime and other serious and organised forms of crime in the European Union
Eurojust, the European Union Agency for Criminal Justice Cooperation, facilitates judicial cooperation across the EU.