Authorities have arrested a Moroccan citizen believed to have orchestrated cyberattacks against over one hundred websites, in addition to engaging in various other nefarious activities.
Operating under the online moniker Dr HeX, the individual is believed to have defaced more than 130 websites between 2009 and 2018. Furthermore, he is believed to have targeted several French telecommunications companies to steal credit card data.
According to an investigation from Singapore-based cybersecurity firm Group-IB, the individual, who has not been named, was likely involved in a multitude of malicious activities, including malware development, phishing, fraud, and carding.
In addition to modifying the appearance and content of numerous websites, Interpol says, the threat actor also targeted banks and multinational companies with malware. Overall, he is believed to have targeted thousands of victims.
With the help of phishing kits that impersonated online banking portals, he and other cybercriminals stole sensitive information and defrauded unsuspecting victims.
The Moroccan Police arrested the individual in May, following a two-year investigation – dubbed Operation Lyrebird – that saw participation from Interpol and Group-IB.
“This is a significant success against a suspect who is accused of targeting unsuspecting individuals and companies across multiple regions for years, and the case highlights the threat posed by cybercrime worldwide,” Stephen Kavanagh, Interpol Executive Director of Police Services, said.
Group-IB identified the alleged hacker based on email addresses, nicknames, and accounts on online services such as Facebook, Instagram, Skype, and YouTube.
Related: Nigerian Arrested in US for Hacking Payroll Services Company
Related: Kenyan Arrested in Qatar First Targeted by Phishing Attack
Related: Police in Europe Bust Gang Hijacking Celeb Phones, Arrest 10