Nigerian Police join INTERPOL, Group-IB to arrest three suspected TMT fraudsters

Nigeria Police Force alongside INTERPOL and Group-IB have arrested three Nigerians suspected of being part of a cybercrime group that has scammed tens of thousands of victims around the world.

The suspects were arrested in Lagos State.

The operation dubbed ‘Operation Falcon, saw INTERPOL’s Cybercrime and Financial Crime units work closely with Group-IB to identify and locate threats, and ultimately, assist the Nigerian Police Force, via the INTERPOL National Central Bureau in Abuja, in taking swift action.

Group-IB, a security firm, said the three suspects are members of a cybercrime group they have been tracking since 2019 under the codename TMT.

Group-IB said the group primarily operated by sending out mass email spam campaigns containing files laced with malware.

To send their email spam, the group used the Gammadyne Mailer and Turbo-Mailer email automation tools and then relied on MailChimp to track if a recipient victim opened their messages.

According to Group-IB, the prolific gang is believed to have compromised government and private sector companies in more than 150 countries since 2017.

Interpol said more than 500,000 government and private sector companies in more than 150 countries received emails from the group.

The three unnamed Nigerians are alleged to have developed phishing links, domains, and mass mailing campaigns in which they impersonated representatives of organizations.

After that, they will use the campaigns to disseminate 26 malware programmes, spyware and remote access tools, including AgentTesla, Loki, Azorult, Spartan and the nanocore and Remcos Remote Access Trojans.

These programmes were used to infiltrate and monitor the systems of victim organizations and individuals, before launching scams and syphoning funds.

Group-IB said the group was organized in multiple smaller sub-groups that worked together and that many of the TMT’s members are still at large.