‘Digital Nomad’ 25-Year-Old Sold ‘Crime As A Service’ Tools Hit 300+ Financial Targets


“A youngster known as Digital Nomad is hitting over 300 financial targets with his Crime as a Service tools.”

The 25-year-old Brazilian head of the “GXC Team,” a well-known worldwide cybercrime organization, has been apprehended by the Spanish police. The group effectively ran a global “Crime-as-a-Service” operation that targeted more than 300 entities, including financial institutions and government agencies, by selling sophisticated, ready-to-use tools, such as advanced AI-powered phishing kits, to criminals via Telegram and the dark web.

The Spanish Guardia Civil spearheaded the operation, which represents a win against the professionalization of digital fraud, a trend in which illegal schemes grow by using ready-made software offered by groups such as the GXC Team.

Under the identity “GoogleXcoder,” the suspect led a covert life as a “digital nomad,” moving frequently to avoid detection as his harmful software stole millions from gullible people all over the world.


A Digital Nomad and an International Crime Market

Police characterized the arrested leader, who went by the online handle “GoogleXcoder,” as a developer of Crime-as-a-Service (CaaS) software. The 25-year-old Brazilian, in spite of his youth, had established himself as a major supplier of software for credential theft in Spain and throughout the European Union.

The leader was apprehended in San Vicente de la Barquera as a result of the investigation, which took a year and involved intricate tracking and forensic research. Six other people connected to the network were also identified.


To evade detection by law enforcement, he and his family led a covert existence as “digital nomads,” frequently relocating between Spanish provinces and using phone lines and credit cards registered under false identities.

The Arsenal: Bypass Tools for Android and AI

The GXC Team made a lot of money by developing and leasing advanced fraud tools to other criminals. “Business Invoice Swapper,” an AI-powered kit, was their most sophisticated product.

This application was created to aid wire fraud and Business Email Compromise (BEC) fraud: it used artificial intelligence (AI) to analyze hacked emails, detect messages containing invoices, and automatically substitute the authentic banking details (IBAN and BIC codes) with those of the perpetrators.

The weekly rental price of this tool was $2,000 (₹1.77 lakh). The group also created malicious Android code that imitated legitimate mobile banking applications. By tricking victims into installing a phony app to “confirm” a One-Time Password (OTP), the thieves were able to intercept the 2FA codes and access banking accounts without authorization.
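Because the invoice-swap technique described above changes only the payee's banking details, a mail-gateway or accounts-payable check can compare every IBAN in an inbound invoice against the account already verified for that supplier. The following is an added example, not code from the investigation or from any tool named in the article; the vendor table, domain and message bodies are constructed, and it checks IBANs only, not BICs.

```python
import re

# Constructed vendor master data: sender domain -> IBANs verified out of band.
KNOWN_IBANS = {"supplier.example": {"DE89370400440532013000"}}

# Country code, two check digits, then 4-character groups with optional spaces.
IBAN_RE = re.compile(
    r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{4}){2,7}(?: ?[A-Z0-9]{1,3})?\b")

def iban_valid(iban):
    """ISO 13616 check: move the first four characters to the end,
    map letters to 10..35, and require the number mod 97 to equal 1."""
    s = iban[4:] + iban[:4]
    return int("".join(str(int(c, 36)) for c in s)) % 97 == 1

def check_invoice(sender_domain, body):
    """Return (iban, reason) for every IBAN in the body that should
    hold the payment for manual verification."""
    findings = []
    for m in IBAN_RE.finditer(body):
        iban = m.group().replace(" ", "")
        if not iban_valid(iban):
            findings.append((iban, "invalid-checksum"))
        elif iban not in KNOWN_IBANS.get(sender_domain, set()):
            findings.append((iban, "unverified-account"))
    return findings

# Constructed sample messages: same invoice, payee account differs.
LEGIT = "Invoice 1042. Please pay to IBAN DE89 3704 0044 0532 0130 00."
SWAPPED = "Invoice 1042. Please pay to IBAN GB82 WEST 1234 5698 7654 32."

if __name__ == "__main__":
    for name, body in (("legit", LEGIT), ("swapped", SWAPPED)):
        print(name, check_invoice("supplier.example", body))
```

A swapped account passes the checksum because it is a real account, so the comparison against verified vendor data, not the checksum, is what catches the substitution.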


Targeting Government Identity and Banks

With technologies that could target over 300 entities worldwide, the GXC Team’s criminal ambition was extensive. Targets included global platforms like Amazon, Binance, Coinbase, and Microsoft Office 365, as well as significant financial institutions in the U.S. and Europe (such as Santander, BBVA, Deutsche Bank, and AMEX).

The majority of the victims were spread around the United Kingdom and other European Union member states. The group’s specialty was identity theft in addition to financial fraud. To steal citizens’ credentials and personal information, they created sophisticated phishing pages that mimicked legitimate government websites, such as the Spanish GOB.ES site and the Australian my.gov.au portal.

The Recovery and Operation of Stolen Money

Six coordinated raids around Spain were the result of the intricate investigation headed by the Cybercrime Department of the Civil Guard’s Central Operational Unit (UCO). Officers were able to apprehend “GoogleXcoder” and confiscate electronic devices that contained the source code for the phishing kits, corporate communications chats, and personal accounts.

After year-long forensic and cryptocurrency research, officials were also able to retrieve victims’ funds that had been stored on other digital platforms, which was a significant success for the investigation.

Since then, the group’s primary Telegram channels have been shut down, and police are still analyzing the digital evidence they have obtained. They have stated that additional action, including more arrests, is not completely out of the question.

About The Author

Suraj Koli is a content specialist in technical writing about cybersecurity & information security. He has written many amazing articles related to cybersecurity concepts, with the latest trends in cyber awareness and ethical hacking.
