Southeast Asian cyber-fraud industry ‘outpacing’ law enforcement with new tools: UN

Omega Balla
Transnational criminal groups in Southeast Asia are incorporating new tools like artificial intelligence and deepfake technology to expand their cyber fraud capabilities, the United Nations Office on Drugs and Crime said Monday.

In an expansive report on the evolution of the region’s cyber scamming industry, the agency warned that despite increased media attention and high-profile enforcement actions over the last year, organized criminal groups have relocated operations as needed and adapted to technological advances. All the while, a “crime-as-a-service” ecosystem has popped up catering to the needs of fraudsters in Southeast Asia.  

“It is now increasingly clear that a potentially irreversible displacement and spillover has taken place in which organized crime [groups] are able to pick, choose, and move value and jurisdictions as needed, with the resulting situation rapidly outpacing the capacity of governments to contain it,” the U.N. said. 

The so-called scam compounds are typically found along the border areas of Cambodia, Myanmar and Laos and rely on a workforce of forced laborers duped into accepting jobs overseas. While the Southeast Asian fraud industry is most well-known for carrying out pig butchering scams — in which victims are groomed on social media and tricked into sending money or making fraudulent investments — it is increasingly dabbling in other techniques and relying on marketplaces selling services that facilitate cybercrime.

“This has meant that criminals no longer have to handle their own money laundering, code malware or steal sensitive personal information to profile potential victims or obtain initial access for their attacks themselves — instead, these key components can be purchased in underground markets and forums, and often at very accessible prices,” the U.N. said. 

According to the authors, “strong evidence” shows data markets moving to Telegram and explicitly targeting Southeast Asian criminal groups, buttressed by the explosion in infostealing malware. The personal information on offer can be used to bypass “know your customer” money laundering controls, and to carry out business email compromise (BEC) and impersonation scams. 

Biometric data is also on offer and can be used for deepfake scams, which according to the agency are becoming more and more common throughout Asia.

Also of concern is the use of cryptocurrency “drainers” and other sophisticated malware that can empty wallets without the need for the time-intensive social engineering involved in other scams.

“Concerningly, there is a growing indication of the malware-as-a-service model being integrated into criminal operations based in more vulnerable and remote parts of Southeast Asia, and particularly the Mekong region,” they wrote. 

The researchers even found potential links between a cluster of banking trojans, previously dubbed GoldDigger and attributed to a threat actor named GoldFactory by the cybersecurity firm Group-IB, and scam operations in Southeast Asia. 

“There is some indication that local criminals or victims of trafficking for forced criminality from Southeast Asian countries are also involved, evidenced by instances of phone calls made to victims from ‘customer support’ in which operators are proficient in the native language used in the targeted country,” they said. 

Earlier this year, the United States Institute of Peace estimated that scamming syndicates in the region are netting some $64 billion each year worldwide, although researchers admit that it is challenging to know the full scale of operations. 

In their report on Monday, the UNODC estimated that in East and Southeast Asia alone victims lost between $18 billion and $37 billion in 2023 from cyber-enabled fraud.

James Reddick has worked as a journalist around the world, including in Lebanon and in Cambodia, where he was Deputy Managing Editor of The Phnom Penh Post. He is also a radio and podcast producer for outlets like Snap Judgment.

 
