The Dutch Police have begun posting warnings on Russian and English-speaking hacker forums not to commit cybercrime as law enforcement is watching their activity.
Since the conclusion of Operation LadyBird, law enforcement's disruption of the Emotet botnet, the Dutch Police state that they are creating forum accounts on hacker forums to warn hackers that they are watching them publicly.
These forum posts include a message about the Emotet disruption and a YouTube video showing the botnet operators' arrests. The video ends with the police warning that "Everyone makes mistakes. We are waiting for yours."
So far, the Netherlands Police have posted on the English-speaking RaidForums and the Russian-speaking XSS forums. Included in the forum posts is a Telegram number that threat actors can use to share cybercrime information.
Source: BleepingComputer
The post to XSS contains the same message but this time in Russian.
The message posted by the Netherlands Police is repeated in full below:
On 26th January the Netherlands Police took over control of the Emotet botnet, dismantled the infrastructure and seized data on its users. Emotet was one of the most prolific botnets of the past decade. It ultimately failed to escape the reach of the Netherlands Police and its international partners. Hosting criminal infrastructure in The Netherlands is a lost cause.
Looking for another botnet? Think again.
[ Evidence: https://youtu.be/24srTBcbslo ]
The Netherlands Police will continue to focus on the abuse of our infrastructure. We aim at botnets and related malware like Ryuk, Trickbot and many more. We feed on underground information sources and the cybersecurity industry. We will leave no stone unturned in finding those committed to cybercrime. You might lose your liberty, not just your bots and business. As you know, the Netherlands Police is always the first to see next seasons catalogues.
International Law Enforcement continues to work collectively against cybercrime, wherever it is committed. Everyone makes mistakes. We are waiting for yours. Check where traders host their infrastructure, avoid those that use The Netherlands.
If you also want to share information about cyber criminal activities related to The Netherlands, send a telegram message to +31621495111.
This is not the first outreach program conducted by the Netherlands Police to deter young people from getting involved in cybercrime.
At their GameChanges site, the Politie offer games and frequently asked questions to steer kids and young adults towards a white hat career rather than being tempted into cybercrime.
The UK National Crime Agency (NCA) has a similar program known as Cyber Choices that aims to prevent young people from inadvertently getting involved in cybercrime.
Hackers not very receptive to messages
The responses to the police's messages have been met with different responses depending on the forums.
The RaidForums admin allowed the post to stay, but members immediately replied with insults and doubts that it was real.
The Russian-speaking XSS forum, though, deleted the post, banned the account, and issued a warning on the police's member profile that other forum members should not trust them.
This is an interesting outreach program but based on the cybercrime community's reactions, it is not likely to have much impact.
Comments
dogsofhellfire2600 - 3 years ago
The direct link to the Dutch GameChanges COPS website is https://publicaties.politie.nl/changeyourgame/ it will bypass the WSJ story and take you directly to the website