An action day performed in Latvia on 10 October 2025 led to the arrest of five cybercriminals of Latvian nationality and the seizure of infrastructure used to enable crimes against thousands of victims across Europe.
During the operation codenamed ‘SIMCARTEL’, law enforcement arrested two further suspects, took down five servers and seized 1 200 SIM box devices alongside 40 000 active SIM cards. Investigators from Austria, Estonia and Latvia, together with their colleagues at Europol und Eurojust, were able to attribute to the criminal network more than 1 700 individual cyber fraud cases in Austria and 1 500 in Latvia, with a total loss of several million euros. The financial loss in Austria alone amounts to around EUR 4.5 million, as well as EUR 420 000 in Latvia.
Read more…
Source: Europol
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Polish cops bust alleged teen DDoS kit sellers – youngest just 12
March 10, 2026
Polish police have referred seven suspected juvenile cybercriminals to family court over an alleged scheme to flog DDoS kits online. The youths, aged between 12 and 16 at the time of the alleged offenses, all face charges related to selling DDoS tools in what police described as a purely profit-driven scheme. Poland’s Central Bureau for Combating ...
- Russian cybercrims phish their way into officials’ Signal and WhatsApp accounts
March 9, 2026
Russian-linked hackers are trying to break into the Signal and WhatsApp accounts of government officials, journalists, and military personnel globally – not by cracking encryption, but by simply tricking people into handing over the keys. That’s the warning issued Monday by the Netherlands’ intelligence and military security agencies, the AIVD and MIVD, which say a “large-scale” ...
- Major data leak forum dismantled in global action against cybercrime forum
March 4, 2026
A major online forum for stolen data has been dismantled following an international operation coordinated by Europol. The forum, known as LeakBase, had established itself as a central hub in the cybercrime ecosystem, specialising in the trade of leaked databases and so-called “stealer logs” – archives of stolen credentials harvested through infostealer malware. Accessible on the ...
- Russia: Over 200 people involved in SIM box operations detained since September 2025
March 2, 2026
The Federal Security Service (FSB), the Interior Ministry, and the Investigative Committee of Russia have uncovered and disrupted 100 illegal communication channels used by Ukrainian intelligence services to involve Russians in sabotage and terrorism since September 1, 2025, with over 200 people involved in running SIM boxes detained across 43 Russian regions. “As a result <…> ...
- 15 million French citizens affected by massive data breach following cyberattack on medical software
February 27, 2026
A massive data breach concerning the data of 15 million people in France has been revealed after a cyberattack targeted 1,500 doctors using medical software. The administrative data of around 15 million French citizens, along with notes written by their doctors, were leaked in a large-scale breach targeting 1,500 doctors using a medical software from Cegedim ...
- Russian hackers target European firms with new spear-phishing cyberattacks
February 24, 2026
APT28, the infamous Russian state-sponsored hacking group also known as Fancy Bear, or Sofacy, has been observed targeting “specific entities” in Western and Central Europe with infostealers. In a newly released report, security researchers Lab52 from S2 Grupo detailed “Operation MacroMaze”, which has been ongoing since at least late September 2025 through January 2026. The campaign ...