Irish teen caught with over €1m in cryptocurrency is target of new fraud probe
A teenager who is one of the main Irish targets of an international investigation into the world’s biggest phishing-as-aservice platform had over €1m in cryptocurrency seized from him as part of a separate garda probe.
A property connected to the teenager, who is based in the south-east of the country, was one of 12 homes searched by gardaí on Tuesday and Wednesday as part of the international fraud investigation.
The targets are suspected of using the internet platform known as LabHost, which for a monthly subscription provided “phishing kits”, infrastructure for hosting pages, interactive functionality for directly engaging with victims and campaign overview services.
All of this enabled fraudsters to send bulk phishing or smishing text messages designed to deceive people into providing their personal data and credentials for the purposes of fraud.
In Ireland, typical examples of such scams happen when potential victims are contacted with messages purporting to be from companies such as An Post, AIB, Bank of Ireland, eFlow, Netflix and Amazon.
When the person clicks on a fake link, they are directed to a website that looks legitimate but is controlled by criminals.
The victims’ bank accounts are then taken over and often emptied.
A source said: “As you can see with the individual targeted in the southeast this week, the profits for this type of organised crime can be huge.
“This person has already had well in excess of €1m in cryptocurrency seized as part of a different international investigation, but is suspected of having continued with his organised criminal enterprises despite being arrested and losing this currency last autumn.”
The teenager is suspected of being one of a number of Irish-based criminals with links to the Black Axe gang who have used the LabHost platform in account takeover frauds.
Gardaí have described an account takeover as a crime “where an individual receives a text [smishing], call [vishing] or email [phishing] from a fraudster that appears to be from a bank, service provider, delivery company or government agency and aims to take over their bank account, devices or debit/credit card details”.
According to figures obtained by the Irish Independent, nearly €3m has been stolen so far this year in account takeovers in Ireland compared with around €10m last year, €11m in 2022 and €24m in 2021 when the public were much less aware of the sophistication of these scams.
“These figures show that the money to be made in this type of fraud is huge and what garda investigations have established is that these crimes are being carried out by the suspects from the comfort of their own homes,” a source said.
It is understood Ireland had the fourth-highest number of victims per capita as they were scammed by criminals who used the phishing-as-a-service platform.
Gardaí said 135,000 Irish people had been targeted this way here, while investigations have established that 116 criminals with a connection to Ireland through their IP addresses have been using the platform.
This amounts to 33pc of all suspects who used LabHost, which has now been shut down by authorities.
“Ireland is certainly punching above its weight when it comes to this type of organised crime. At least two of the targets whose properties were searched this week have previously come to the attention of Operation Skein,” a source said.
Skein is a long-running investigation by the Garda National Economic Crime Bureau (GNECB), and part of its remit has been to target the activities of Black Axe in Ireland.
While some of the suspects targeted this week have links to Black Axe, it is understood the international criminal organisation is not directly involved in this particular organised fraud strand and the individuals had been engaged in “criminal freelancing”.
Gardaí made two arrests during the course of 12 searches over two days in three counties. One person was arrested for obstruction after refusing to provide detectives with passwords for his devices while the other was arrested on an unrelated bench warrant.
A garda spokeswoman said: “As part of Operation Stargrew, gardaí, in conjunction with Europol and other international law enforcement agencies, conducted 12 searches at locations across counties Dublin, Kildare and Waterford between April 16 and 17.
“During these searches, €42,000 in cash, €10,000 in cryptocurrency, 82 smartphones, 25 computers, nine tablet devices and a Rolex watch were seized.”
In a statement, Europol revealed how the scam worked as authorities uncovered at least 40,000 phishing domains linked to LabHost, which had around 10,000 users worldwide.
“With a monthly fee averaging $249 (€233), LabHost would offer a range of illicit services which were customisable and could be deployed with a few clicks,” the crime-fighting agency said.