Six people were arrested as part of an ongoing investigation into a €24 million ($26.9 million) cryptocurrency theft launched by UK and Dutch national authorities, in a joint operation with Europol, the law enforcement agency for the European Union, and EU agency Eurojust.
The investigation relates to “typosquatting,” which is when a website, or in this case a well-known online cryptocurrency exchange, is “spoofed” or recreated to imitate the genuine site in order to gain access to victims’ bitcoin wallets to steal their funds and login details. The name comes from the act of creating a site with the same web address as a legitimate site, except for one often easy-to-miss typo in the URL in order to mislead people into thinking they are visiting the real site.
A 2018 study by cyber security company Sophos found that there are a significant number of fake domains registered, including sites targeting users of popular websites such as Google, Facebook, Twitter, Microsoft and Apple. The report found that 80% of all possible one-character variants of Facebook, Google, and Apple website domains are registered.
The five men and one woman are suspected of having committed computer misuse act offences and money laundering. The arrests followed simultaneous search warrants that were carried out in Charlcombe, Bath, and Trowbridge in the UK, as well as in Amsterdam and Rotterdam in the Netherlands. The authorities seized a larger number of electronic devices, equipment and valuable assets.
The British suspects were arrested on suspicion of committing computer misuse and money laundering offences, while the Dutch suspects were arrested on suspicion of money laundering.
The investigation started from a single report of £17,000 worth of bitcoin stolen from a Wiltshire-based victim, authorities said. In February 2018, the South West Regional Cyber Crime Unit (SW RCCU) identified possible suspects living in the Netherlands and referred the case to the Joint Cybercrime Action Taskforce, hosted at Europol’s European Cybercrime Center.
The arrests “were the result of 14 months of investigation by my team, closely assisted by colleagues in Europol, Eurojust, the Joint Cybercrime Action Taskforce (J-CAT) and the NCA [National Crime Agency],” Detective Inspector Louise Boyce from the SW RCCU said in a release.