Security

Operation Lyrebird Leads to the Arrest of Moroccan Hacker “Dr. Hex”

By Bill Toulas
hacker_arrested
  • Group-IB has managed to identify a careless hacker who was using the same email address on multiple platforms.
  • The firm conducted a two-year investigation and shared its findings with Interpol agents.
  • The hacker was confirmed to be behind defacements, phishing attacks, and the stealing of card details.

Interpol has received valuable information from Group-IB and managed to locate and arrest a Moroccan hacker using the nickname “Dr. Hex” (among others). The person is considered responsible for multiple cyber-attacks against French banks, French IT firms, and several high-profile organizations in the European country. The main trick used by the hacker was a phishing kit with which he created several phishing websites to steal valuable bank system user credentials.

Group-IB managed to analyze this kit and investigated the email address hardcoded in it. Using this lead, the researchers found a YouTube channel that contained links to an Arabic crowd-funding platform. This, in turn, led to a full name, and then to a DNS analysis, then to another two domains registered under that name. Eventually, the circle was closed by discovering the website had been built using the same phishing kit.

The researchers connected the hacker with five more email addresses, found infrastructure traces, linked him with specific campaigns, and also found more accounts on YouTube, Facebook, Instagram, and Skype, all belonging to him. Having a complete record of his digital footprint spanning from 2009 to 2018, Interpol was able to coordinate with the Moroccan police and arrested the suspect last month.

As Group-IB’s CTO, Dmitry Volkov, stated about this success:

Having zero tolerance for cybercrime, Group-IB has always stressed its focus not only on protecting our customers against cyberattacks but also on identifying perpetrators behind them to ensure that they’re duly punished. The ‘Lyrebird’ operation is yet another example of strong coordinated cooperation between international law enforcement agencies, regional police, and cybersecurity players. These are international cooperation, data exchange, and the long-standing experience in cyber investigations that help Group-IB lead its work to a logical conclusion — bring cybercriminals to justice.

“Dr. Hex” is now facing several charges relating to 130 website defacements, phishing, malware development, fraud, and carding activities that affected thousands of victims. This should incur several years in prison as well as a hefty fine for the man.

Back in March 2020, we covered a similar story about a careless Moroccan hacker targeting large French firms using an email address connected to his real identity, his physical business, and several social media accounts. Maybe OpSec mishandling is a thing among Moroccan hackers, as the two don’t appear to be linked in any way.

Add a Comment

Latest
Streaming
How to Watch The Famous Five Online for Free: Stream the 2023 Series from Anywhere
Lore Apostol - 0
The Famous Five is a new original series inspired by Enid Blyton’s children’s novels. The title premieres on December 9, 2023, on...
Read more
Streaming
How to Watch Ben Roberts-Smith: Truth on Trial Online from Anywhere
Lore Apostol - 0
Ben Roberts-Smith: Truth on Trial is an upcoming documentary that centers around the investigative findings by journalists Nick McKenzie and Chris Masters...
Read more
Streaming
How to Watch Yes, Chef! Christmas Online from Anywhere
TechNadu Staff - 0
Yes, Chef! Christmas follows Alicia, a culinary school instructor with no goals or aspirations. When Alicia receives an invitation to compete in...
Read more

© TechNadu 2023. All Rights Reserved.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari