Seven individuals have been arrested for suspected links with a cybercrime-as-a-service network in a European law enforcement operation dubbed ‘SIMCARTEL.’
The now defunct criminal network offered an online SIM-box service to cybercriminals around the world, according to a Europol statement published on October 17.
The buyers used the SIM-box service, which had access to phone numbers registered to people from over 80 countries, to set up fake accounts for social media and communication platforms. Users could then conduct a wide range of telecommunications-related cybercrimes, as well as other crimes.
The SIMCARTEL operation was led by law enforcement from Austria, Estonia, Latvia and Finland with coordination and operational support provided by Europol and Eurojust and other partners.
It resulted in:
- Seven arrests
- Five servers with infrastructure of the illegal service seized
- Approximately 1200 SIM-box devices seized (those operated 40,000 SIM cards)
- Hundreds of thousands of SIM cards seized
- Two websites (gogetsms.com and apisim.com) offering the illegal service taken down
- $502,600 in suspects’ bank accounts frozen and $333,000 in suspects’ crypto accounts frozen
- Four luxury vehicles seized
Over 3000 Victims in Latvia, Estonia and Austria
Europol and Latvian authorities estimated that the “sophisticated” SIM-box service enabled 49 million fake online accounts. These accounts allowed cybercriminals to steal over several million dollars from at least 3,200 victims in Latvia, Estonia and Austria.
These included 1700 individual cyber fraud cases in Austria, with a financial loss of $5.2m, and 1500 in Latvia, with a financial loss of almost $490,000.
These crimes included phishing, extortion, migrant smuggling, the distribution of child sexual abuse material and a variety of fraud schemes, such as investment fraud and fraud on online second-hand marketplaces.
Action Day in Latvia on October 10
The operation’s main raids occurred during an action day in Latvia on October 10, where 26 searches were carried out and five Latvian nationals were arrested.
Three suspects were subject to a non-custodial security measure and a court imposed a security measure on a man born in 1982, said Latvian authorities.
Latvian law enforcement shared footage of a raid on a workspace packed with computer hardware, specialized equipment and large quantities of SIM cards.
Two further arrests were made and most of the network’s infrastructure was seized and taken down by Europol and the Shadowserver Foundation, a UK government-funded non-profit organization.
According to officials, a key individual linked to the operation was previously under scrutiny in Estonia for alleged involvement in arson and coercive financial crimes.
The Latvian State Police noted that that these suspects are considered innocent until proven guilty.
In September, a major crackdown by US authorities exposed a sprawling operation allegedly running a high-volume SIM farm, a facility suspected of facilitating mass mobile identity fraud.
Officials warned that the setup could have endangered nearby UN facilities and vital infrastructure, raising concerns over potential cybersecurity threats.
