The notorious cybercriminal, who goes by the alias Dr Hex, has been caught in Morocco after a two-year investigation.
Dr Hex was known for leaving his signature on web pages after he had targeted them.
The suspect is believed to have targeted thousands of unsuspecting victims through global phishing scams, credit card fraud, defacing websites, inflicting banks and companies with malware, and developing ‘kits’ sold to other cybercriminals to enable them to conduct similar activities.
These kits allowed criminals to impersonate banking websites so that they may steal victims’ banking details for financial gain, amongst other things.
The capture of Dr Hex comes after a two-year investigation known as “Operation Lyrebird”, carried out by Interpol, the Moroccon police, and cyber solutions provider Group-IB.
It was established by Group-IB that Hex was involved in attacks against 134 websites between 2009 and 2018.
Interpol’s cybercrime directorate worked closely with Group-IB and the Moroccan Police via the Interpol National Central Bureau in Rabat to eventually locate and apprehend the individual who remains under investigation.
“This is a significant success against a suspect who is accused of targeting unsuspecting individuals and companies across multiple regions for years, and the case highlights the threat posed by cybercrime worldwide,” said Interpol’s executive director of police services, Stephen Kavanagh.
“The arrest of this suspect is down to outstanding international investigative work and new ways of collaboration both with Moroccan police and our vital private sector partners such as Group-IB, ” he added.
In May this year, Interpol launched a new cyber operations desk to boost the capacity of 49 African countries to fight cybercrime.
The Africa desk will help facilitate a regional strategy to drive intelligence-led coordinated actions against cybercriminals and support future joint operations such as Operation Lyrebird.
As cybercrime is on the rise, Interpol last year launched the #WashYourCyberHands and #OnlineCrimeIsRealCrime campaigns, to remind the public, businesses, and organisations to remain cognisant and protect themselves against cybercrimes and phishing attempts.