French national behind UK data breach caught in Thailand

The Europol has announced the arrest of a 25 year old French national who was involved in the cyber-attack of several companies in the past few years. The investigation that led to his arrest started last year when a group of hackers known as the “Rex Mundi” were identified to be behind a hacking case that led to the breach of sensitive data of a top UK firm. Five members of the gang were arrested in June last year, and two were also arrested in October last year, according to the Europol.

Based on a search warrant issued by the French National Police, the Royal Thai police and the support of the Europol and the Joint Cybercrime Action Taskforce conducted an intensive search leading to the arrest of the Rex Mundi member in May of this year. Together with the accomplices, the 25 year old made a UK firm his top target and successfully hacked and held their data captive.

According to the Europol, the gang had two options for the hacked firm after proving that they had accessed their data. The firm was told to either pay a ransom of €580,000 to save their data from being displayed to the public or pay €825,000 to be lectured on how the data was hacked and also, information on how to handle it.

The company was also threatened with €210,000 penalty each day supposing they would not meet the deadline. The law enforcement was therefore contacted by the firm, of which the UK metropolitan police, the Europol and the French National police teamed up to trace and identify the suspects. The French police, therefore, arrested five of the members of the gang. The main suspect admitted to being involved in the cyber attack, however, he said to the police that he hired a cybercriminal on the dark web to carry out the attack. The report did not make it clear whether the hackers also sold compromised data on the dark web; however, most of their software for this process was acquired on the online black market.

The police have advised cybercrime victim’s not to pay any demanded ransom but should instead contact the appropriate authorities right away in such incidences. The Rex Mundi group has a history of blackmailing companies with their hacked private data. A financial institution, Swiss Banque Cantonale de Geneve had their data compromised by the Rex Mundi in some years back. The hacking gang demanded a ransom of €10,000. However, the financial institution refused to pay the said amount. The gang, therefore, published the hacked data as promised. The financial Institution admitted that the published data had no effect on their customer records.

The Europol, after the arrest, announced that the hacking details explain why the cybercriminals always make medium sized and large companies their top target. “This case illustrates that cyber-related extortion remains a common tactic among cybercriminals…financially motivated extortion attempts, and attacks, are typically directed at medium-sized or large enterprises, with payment almost exclusively in Bitcoins,” said Europol. For this reason, companies have been told to make cyber security their top priority, and also, to be careful about the links they click on. The Europol has also arrested many hackers through their operation of seeking a crime-free world.

The Rex Mundi hacked the personal details of Domino’s pizza customers and threatened them to release them to the public if a quoted amount as ransom was not paid within a set up deadline. The gang obtained 650,000 personal contact details of the company’s branch in France and Belgium. Just like any other operation, they posted a link on their twitter homepage that led to the details of their operation. They obtained the full names, addresses, email addresses and passwords and their phone numbers. It was reported that the pizza company did not pay the ransom demanded by the renowned hackers.

The Rex Mundi started operating in 2012 and has successfully hacked and blackmailed several companies in the world. Some of their victims include: “AmeriCash Advance, Webassur, Drake International, Buy Way, Hoststar, Websolutions.it, Numericable, Habeas, AlfaNet.”

Cybercriminals have been a thorn in the flesh of French companies, having made $400,000 in some few months.