Group-IB's TOP 20 Investigations

Operations that turn into inspiring sagas in the fight against cybercrime

Discover Group-IB's global cybercrime investigations, where our experts work closely with law enforcement to identify and disrupt the forces behind cybercrime, making the cyber world a safer place for everyone.

Investigation Stories

Operation Nervone: The takedown of OPERA1ER
BEC
Malware
Phishing

Group-IB played a pivotal role in Operation Nervone, a multinational law enforcement effort led by INTERPOL and AFRIPOL, among others, to dismantle OPERA1ER, a cybercriminal syndicate behind a series of financial fraud schemes. Active between 2018 and 2022, the French-speaking collective orchestrated more than 30 attacks targeting banks, financial services, and telecom companies, exploiting vulnerabilities in digital banking and payment systems.


Reich 5 Android malware gang nabbed
Android Trojans

Group-IB helped to dismantle a hacker group that infected over 340,000 Android devices to steal money from bank accounts. The criminals spread malware through SMS messages with links to a fake Adobe Flash Player download. They named their malware "Reich 5" and used Nazi symbols in their control panel. With Group-IB’s support, five suspects were de-anonymized and arrested.


Operation Delilah
BEC
Malware
Phishing

Operation Delilah was the third in a series of operations supported by Group-IB, which provided intelligence on the threat actor’s network, movements, use of malware strains, and target information, ultimately leading to the takedown of the BEC gang leader who victimized thousands.


Operation NightFury
Phishing

Unravel a remarkable transnational operation in which global law enforcement and cybersecurity service providers, including Group-IB, dismantled the GetBilling JS-sniffer group, which stole sensitive payment data from 200+ e-commerce websites across multiple countries.


Falcon: Operation in two acts
BEC
Phishing

Group-IB supported two INTERPOL-led operations, called Falcon I and Falcon II, to stop a business email compromise (BEC) cybercrime gang from Nigeria, which we named TMT. The cross-border anti-cybercrime effort, which involved INTERPOL’s Cybercrime Directorate, the Nigerian Police Force, Group-IB’s Investigations Team and other partners, resulted in the arrest of key gang members and a significant decrease in the group’s activity.


Operation Distanthill
Malware
Android Trojans
Scam

Group-IB took part in Operation DISTANTHILL, which led to the arrest of 16 cybercriminals involved in large-scale Android RAT campaigns across Southeast Asia.


Carberp gang knocked down
Botnet
Malware

Exposing the million-dollar hacking group behind large-scale attacks on payment systems.


Investigating in tip-top fashion: TipTop group identified and arrested
Android Trojans

Group-IB helped the police take down the largest mobile malware gang in Russia, which had infected more than 800,000 Android smartphones.


No-Vax Free: Exposing the real faces behind the fake Green Pass
Scam

Group-IB helped to expose the cybercriminal gang that offered fake green passes, targeting Italian victims.


Cron: Overthrown titan
Android Trojans

Group-IB helped law enforcement to identify and arrest a notorious gang that compromised more than one million devices with Android malware. The timely arrest helped dismantle a giant botnet and stopped the threat actors from expanding their operations worldwide.


Paunch & The BlackHole Exploit Kit Case
Malware

Group-IB supported the police in identifying and taking down a malware kingpin who once dominated the exploit kit sales market, with over 40% of infections attributed to his tools, the BlackHole and Cool Exploit Kits. Learn how our investigations revealed Paunch's exploit kits, infrastructure, partners, and clients, completely sabotaging his malicious operations.


Twin brothers in crime
Phishing

Group-IB partnered with law enforcement to bring a phishing gang to justice for the first time in Russia. The operation marked a new chapter in the history of cybercrime investigations and eventually led to changes in legislation and tougher sanctions for other cybercriminal groups.


Operation Lyrebird
Phishing

Group-IB supported INTERPOL in disrupting a prolific cybercriminal’s activities - codenamed Lyrebird. This effort led to the identification and apprehension of the threat actor responsible for multiple attacks on French telecommunications companies, major banks, and MNCs.


The Fraud Family Case
Phishing

Group-IB partnered with the Dutch National Police to uncover critical details about the criminal syndicate, the Fraud Family, and their Fraud-as-a-Service (FaaS) operations. This breakthrough led to the dismantling of their operations and the prosecution of the perpetrators.


Phishing Store Shutdown
Phishing
Scam

Group-IB made a significant contribution to an international crime-fighting operation involving INTERPOL and national law enforcement agencies from Indonesia, Japan and the United States that targeted the notorious ‘phishing-as-a-service’ (PaaS) platform 16shop.


Operation Dragon Eye
Botnet

Group-IB played a crucial role in identifying the individual behind the Dragon botnet, which was responsible for relentless distributed denial-of-service (DDoS) attacks on prominent organizations, including those in the industrial and financial sectors.


Operation Dating Disaster
Botnet
DDoS

Group-IB played a major role in identifying members of CybSec Group, which was engaged in extortion and DDoS attacks on international companies, including the international online dating service AnastasiaDate.

