To put the scale into perspective, according to an indictment filed in New York, the platform created by the Chinese hackers was responsible for the theft of approximately 3.87 million credit card records and caused an estimated $1.9 billion in damages since July 2023.
A platform that sold ready-made phishing kits
The operation, code-named Operation Ghost Hook, led to the seizure of the group’s central management servers, an online store used to test its systems and cryptocurrency wallets containing roughly $100,000. In addition, thousands of fraudulent domains registered through U.S.-based hosting providers were seized and now display an official FBI warning page.
These fake websites were capable of harvesting data in real time and displayed pop-up prompts requesting one-time verification codes and passwords, allowing operators to bypass advanced security measures such as two-factor authentication.
To evade Gemini’s safety restrictions, the criminals reportedly relied on sophisticated prompt-engineering techniques, presenting their requests as harmless attempts to design a “gift redemption” page. As a result, the code appeared to the automated system to be a legitimate user request.
A troubling technological escalation
Older cybercrime tools such as Evilginx required a certain level of technical expertise to configure reverse proxy servers capable of stealing users’ cookie files. The current use of AI enables the creation of virtually endless variations of unique code within seconds, making it significantly more difficult for signature-based security systems to identify new phishing pages in real time.
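The detection gap described above, shown as an added example that is not from the article, Google or the FBI: an exact-hash signature taken from one page misses a regenerated variant, while a check on what the form does (password field, one-time-code prompt, off-site POST) matches both. The sample pages, host names and the heuristic itself are constructed assumptions for illustration.

```python
import hashlib
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample pages (not taken from any real kit): same behaviour, different markup.
VARIANT_A = """<html><body><h1>Redeem your gift</h1>
<form action="https://collect.example.net/submit" method="post">
<input type="email" name="user"><input type="password" name="pw">
<input type="text" name="otp" placeholder="Enter the 6-digit verification code">
</form></body></html>"""
VARIANT_B = """<html><body><div class="x9"><p>Gift redemption</p>
<form method="POST" action="https://collect.example.net/api/v2">
<input name="login" type="text"><input name="secret" type="PASSWORD">
<input name="c" autocomplete="one-time-code" inputmode="numeric">
</form></div></body></html>"""
BENIGN = """<html><body><form action="/search" method="get">
<input type="text" name="q" placeholder="Search"></form></body></html>"""

# Assumed hint list for one-time-code prompts; a real deployment would tune this.
OTP_HINT = re.compile(r"one-time|verification code|otp|2fa", re.I)

class FormTraits(HTMLParser):
    """Collects what a page's forms do, rather than matching their bytes."""
    def __init__(self):
        super().__init__()
        self.password = self.otp = False
        self.post_hosts = set()

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            host = urlparse(a.get("action", "")).hostname
            if host:
                self.post_hosts.add(host)
        elif tag == "input":
            if a.get("type", "").lower() == "password":
                self.password = True
            if OTP_HINT.search(" ".join(a.values())):
                self.otp = True

def exact_signature(html):
    # Byte-exact signature: any change in markup yields a different digest.
    return hashlib.sha256(html.encode()).hexdigest()

def behavioural_match(html, page_host):
    # Flags a page asking for a password and a one-time code, posting to another host.
    t = FormTraits()
    t.feed(html)
    return bool(t.password and t.otp and any(h != page_host for h in t.post_hosts))
```

A page that collects a password and a one-time code on its own host is not flagged by this heuristic, so it is a starting point for triage rather than a complete detector.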
The indictment filed in federal court in Manhattan charges members of the network with racketeering, wire fraud and trademark infringement. Nevertheless, both Google and the FBI acknowledge that the chances of extraditing the defendants, who are believed to be operating from China, remain extremely slim.
Alongside the legal proceedings, Google said it is working with major U.S. telecommunications providers — AT&T, T-Mobile and Verizon — to block malicious text messages before they reach users’ devices. The company is also supporting federal legislation in the United States aimed at increasing penalties for fraud schemes that rely on AI tools.
