Rex Mundi hacking extortion gang busted by Europol

Eight French nationals arrested over the last year.

Rex Mundi

There’s so much bad news about computer security that we sometimes forget to applaud when something good happens.

Let’s change that right now.

Europol has announced the arrest last month of a 25-year-old French man in Thailand, as part of a year long investigation into a notorious gang of hackers and extortionists.

The gang, known as Rex Mundi, has been operating since at least 2012.

As Bleeping Computer reports, Rex Mundi made a name for itself hacking into corporations to steal data, and then blackmailing victims by threatening to release the sensitive information.

Victims of Rex Mundi included Dominos Pizza, which refused to pay a ransom after the the personal details of some 650,000 customers were stolen by the hackers.

The hackers created a website on the dark web for the purposes of disseminating data that they had stolen.

Rexmundi site

In a statement, Europol detailed an attempted extortion last year which ultimately resulted in the arrest of gang members:

In May 2017 a British-based company was the victim of a cyber-attack during which a large amount of customer data was compromised. The attack was immediately claimed by an organisation called Rex Mundi.

A few days later, the company received a phone call from a French-speaking person explaining that he was a member of Rex Mundi. This person shared a large number of credentials with the company to prove that they had access to the data.

The corporate victim was told that they would have to pay almost EUR 580,000 to prevent customer data from being disclosed, or EUR 825,000 for information on how the hackers breached security. To increase pressure further, the company was told that for every day that it failed to pay, there would be an additional ransom of EUR 210,000.

All payments were to be made in Bitcoin.

The unnamed British firm contacted the UK’s Metropolitan police, who worked with French high-tech crime police and Europol. Within an hour, Europol man aged to link the available information to a French national.

French authorities arrested five people in June 2017. The main suspect admitted his involvement in the extortion, but said he had hired someone else via the dark web to carry out the hack itself.

French Police went on to arrest two hackers in France in October 2017, and the final piece of the jigsaw, also a French national with coding skills, was arrested on 18 May by the Royal Thai Police under a French international arrest warrant.

Tags: , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:

, , , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.