TAWAU man Adrian Katong has been identified by the Australian Broadcasting Corporation (ABC) as a key facilitator in one of the largest global phishing scams, reportedly amassing billions of ringgit from illegal activities for nearly a decade.
The ABC claimed to have received clearance to expose Adrian while noting that Malaysian authorities have yet to charge him in court after arresting him in November last year.
The ABC released an 11:22-minute exposé and a news article detailing, among other things, how three cybersecurity experts traced their investigations back to the Sabahan.
Australian cybersecurity expert Gabor Szathmari explained how his curiosity led him to an alleged one-stop-shop site for identity theft called BulletProftLink, reportedly run by Adrian.
He initially received a phishing message and detailed how he decided to investigate those behind it.
The site is believed to sell fake MyGov, Dropbox, and Microsoft login pages, all designed to trick people into giving up their details, the report stated.
“The man behind the operation has provided thousands of scammers with the tools to deceive people, offering phishing tutorials for beginners.
“He also taught how the phishing tool can be installed, hosted, and how it works,” he said.
Szathmari said he had shared Adrian’s details with the Malaysian police and the Federal Bureau of Investigation in October 2020.
The ABC described Adrian as leading a very public, successful, and hardworking family life.
It said that he had bought several cars and a motorcycle, expensive jewellery, went on overseas holidays, and purchased gadgets.
Perth-based cybercrime forensic investigator Bex Nitert linked Adrian to a criminal syndicate attempting to compromise an Australian-based government agency.
She said his site was openly available and could be found through a simple Google search.
Nitert, who was engaged by a government agency to unmask the criminal behind a cyberattack in September 2020, stated that Adrian expanded his operation sometime in 2020.
“His activity ramped up in 2020, increasing his prices. He started offering phishing attacks on behalf of other people, so they did not need to put in the work,” said Nitert, who is now in her fourth year investigating the case.
Cybersecurity investigator Frank Bruzanatti, who was engaged by the Australian federal police, said that Adrian was arrested by Malaysian police in November last year.
However, despite being arrested eight months ago, he has not yet been charged.
According to Bex, Adrian is now rebuilding his business following his arrest and is approaching other scammers on Telegram. – August 3, 2024
.jpeg)
.jpg)
