Public Ministry of Buenos Aires
Problem
Argentina-based criminals engaged in sophisticated cybercrimes including SIM swapping and phishing, while another operation involved piracy of DirecTV’s satellite television content
Results
- 7 suspects arrested
- 24 global search and seizure orders
- 19 apps and 606 global websites blocked
In the bustling heart of Buenos Aires, Argentina, the Specialized Fiscal Unit in Cybercrime Investigations (UFEIC), a part of the Public Ministry of Buenos Aires, was born in January 2023 by Attorney General John Broyad of San Isidro. This unit, a new arm of the Prosecutor’s Office, was established in response to an alarming surge in cybercrime, marking an important step forward in Argentina's fight against digital criminals. With cyberattacks in Argentina soaring by 200% from 2021 to 2022, and the country becoming the prime target for attacks in Latin America in early 2023, the creation of UFEIC was both timely and imperative.
Demonstrating a commitment to advanced investigative techniques and proactive law enforcement strategies, the UFEIC's mandate spans a broad spectrum of cyber crimes, including personal data theft, computer fraud, cyberbullying, grooming, online scams, and child exploitation.
Electronic intruders: SIM swapping and DirecTV piracy
The UFEIC was confronted with an array of intricate cases. Central to these was the C14 criminal organization, notorious for their expertise in "SIM swapping." This technique involves hijacking victims' cellular phones by duplicating SIM cards or using social engineering to convince cellular telephone providers to switch phone access to a new cellular telephone, leading to identity theft and financial fraud.
Complementing their arsenal, the C14 group also engaged in phishing schemes, deceiving individuals into divulging sensitive information. This dual strategy of phishing and SIM swapping marked a new frontier in cybercrime, deeply impacting victims.
Another significant challenge was the piracy of DirecTV’s satellite television content, instigated by a network that extended across South America and Europe. This operation included the unauthorized sale of DirecTV’s signals, notably high-demand content such as English Premier League matches, reflecting the global reach of these cybercrimes.
Tracing the crypto trail
In response to the escalating cybercrime wave, the UFEIC launched a series of sophisticated investigations targeting the C14 criminal organization and the DirecTV piracy network. The team, led by Prosecutor Alejandro Musso and supported by Secretary Denis Ariel Banchero and Legal Assistant Alejandro Martín Orlandini, employed a multi-faceted approach combining traditional investigative techniques with cutting-edge digital forensics.
To dismantle the C14 group, the UFEIC capitalized on advanced digital tools, including TRM Forensics for cryptocurrency tracing. This allowed them to map the criminal network, revealing key players, financial flows and additional victims. The use of TRM was pivotal in identifying and seizing crypto-assets, a landmark achievement in Argentine law enforcement history.
"This is the first of its kind in the country, done in the way that American and European security agencies like the FBI and Europol do it," said Prosecutor Musso.
In parallel, the UFEIC's investigators conducted extensive surveillance and data analysis to track down the members of the C14 organization. This involved monitoring digital communications, analyzing transaction records, and collaborating with telecommunications companies to uncover the SIM swapping operations. Their efforts culminated in the arrest of six members of the C14 group, disrupting their widespread phishing and phone hijacking activities.
For the DirecTV piracy case, known as “Operation 404,” the UFEIC collaborated with international law enforcement agencies, including those from Brazil, Peru, the United Kingdom, and the United States. They conducted joint operations and shared intelligence, leading to the identification of the main suspect, a computer engineer orchestrating the piracy scheme from Argentina. Raids on the suspect's premises yielded crucial evidence, including hardware used for signal transmission and digital wallets containing illicitly obtained profits.
Speaking about the case, Prosecutor Musso commented, “During 2023 and as a result of these unprecedented procedures in Argentina carried out by the UFEIC, other agencies at the national and provincial level began to use the same procedure, resulting in the seizure of a large amount of digital assets. We expect 2024 to be a very productive year in tracking illicit cryptocurrency, for which the use of tracing tools is absolutely necessary to achieve results, without them failure is inevitable.”
The UFEIC's success in these cases is a testament to their innovative use of technology, international collaboration and diligent investigative work. Their efforts not only brought the perpetrators to justice but also set new precedents in the fight against cybercrime in Argentina.
From bytes to behind bars in UFEIC's takedown
The UFEIC's operations against the C14 criminal group and the DirecTV piracy case led to tangible outcomes in the fight against cybercrime in Argentina.
Secretary Banchero added, “In an unprecedented procedure, the seized cryptocurrency was transferred to a decentralized wallet controlled by the prosecutor’s office, following other global agencies’ best practices. In the case of the piracy, we estimate the defendant had 90,000 clients paying approximately $10 USD per month for a profit of nearly $1 million dollars each month. Finally, in both cases, about thirty thousand dollars were seized in cryptocurrencies.”
The crackdown on the C14 group resulted in the arrest of six key members, significantly disrupting their phishing and SIM swapping operations. A major achievement was the seizure of their crypto-assets, showcasing UFEIC's skill in navigating the digital currency landscape in law enforcement.
In the DirecTV piracy case, the arrest of the main suspect and the seizure of $18,000 in USDT Tron from his virtual wallets disrupted the illegal operation. The tracing also displayed monetary links to Russia, Lebanon, Egypt, Colombia and Peru with the identification of 12 additional suspects.
To date, the operation has yielded 24 global search and seizure orders, and 19 apps and 606 global websites have been blocked.
These successes have not only curbed cybercriminal activities but also established new precedents in cybercrime investigation in Argentina, particularly in dealing with cryptocurrency-related cases, paving the way for future actions taken against illicit actors.
Ready to get started?
Fill out the form to schedule a demo with our team.