Polish authorities have arrested four suspected hackers whose many alleged crimes include using SIM swaps to steal accounts and send messages to falsely incriminate their victims. The hackers became notorious after they sent bomb threats to 1,066 kindergartens across Poland within the space of two days, prompting more than 10,000 people to be evacuated from 275 of the kindergartens. On one occasion they even tried to punish a detective and former member of parliament for investigating them by racking up huge mobile phone bills in his name.
Zaufana Trzecia Strona reports (in Polish) that the four arrested suspects are:
- Kamil S., a hacker who used the alias Razzputin and is also of interest to the United States Federal Bureau of Investigation
- Paweł K., a criminal ‘banker’ who used the pseudonym Manster_Team
- Janusz K., considered by authorities to be one of the most talented and dangerous hackers in Poland
- Łukasz K., described as an important figure in the criminal underground
They are variously accused of:
- sending phishing messages that impersonated the police, tax authorities, bailiffs, delivery firms and the cybersecurity services of Orange Poland
- infecting over 1,000 computers and mobile phones with malware
- obtaining personal information and using it to swap SIMs
- exploiting these methods to steal PLN199,000 (USD51,000), PLN220,000 (USD56,000) and PLN243,000 (USD62,000) from the bank accounts of three victims
- attempting to steal PLN7.9mn (USD2mn) from a fourth victim, and only being foiled because the victim’s banker did not recognize the voice of the SIM swapper when he called to verify the transfer
- creating at least 50 fake online stores that cheated over 10,000 victims
TVN24 reports (in Polish) about their most outrageous criminal endeavors, which began when Łukasz K. looked for hackers on internet forums that could help him hurt a former business partner. Janusz K. responded and was paid PLN5,000 (USD1,300) to send an email that seemingly originated from the account of the business partner and which threatened to bomb a school. The bogus email resulted in the business partner being arrested and detained for 48 hours. Łukasz K. enjoyed the plot so much that he then instructed Janusz K. to repeat it on a much larger scale, with the additional twist that each of the kindergarten threats also included a demand for money.
The targets of this campaign of harassment responded by hiring one of Poland’s most famous private detectives, Krzysztof Rutkowski. This represented a high-profile challenge to the hackers as Rutkowski is famous for his appearances on Polish television and also for using the diplomatic passport he obtained whilst he was a member of parliament to enter foreign countries and capture fugitives who could not be extradited. But instead of being intimidated by the hiring of Rutkowski, the hackers responded by adding several thousand złotys to his phone bill.
Europol issued a statement that confirmed the arrests were made by Poland’s Central Bureau of Investigation (Centralne Biuro Śledecze Policji) under the supervision of the Regional Prosecutor’s Office in Warsaw (Prokuratura Regionalna w Warszawie).