Two Malaysian men, aged 26 and 47, were charged in court on Saturday for their involvement in a series of malware-enabled scams that have plagued Singaporeans since mid-2023. The charges follow an extensive investigation led by the Singapore Police Force (SPF) in collaboration with the Hong Kong Police Force (HKPF) and the Royal Malaysia Police (RMP).
The men were apprehended in Malaysia on June 12, 2024, after a joint investigation team identified their roles in operating servers that infected victims’ Android phones with malicious apps. These apps allowed the scammers to remotely control the devices and access sensitive information, including personal data and banking credentials. The stolen information was subsequently used to carry out fraudulent transactions, resulting in significant financial losses for the victims.
In 2023 alone, at least 1,899 cases were reported in Singapore, with victims collectively losing approximately S$34.1 million (US$25.1 million). The scammers employed deceptive tactics to trick individuals into downloading the malicious apps, which facilitated the unauthorized access to and manipulation of their mobile devices.
The investigation into these scams revealed that the perpetrators were operating across multiple jurisdictions. This prompted the formation of a joint investigation team in November 2023, consisting of law enforcement agencies from Singapore, Hong Kong, and Malaysia. Over the following seven months, the team meticulously dismantled the complex network of criminal activities and online infrastructure supporting the malware operations.
The successful identification and location of the two suspects in Malaysia were made possible through the cooperation and assistance of the RMP. Following their arrest, the men were extradited to Singapore on June 14, 2024.
Both individuals face charges of unauthorized modification of computer material under the Computer Misuse Act 1993, which carries a potential penalty of up to seven years in prison, a fine of up to S$50,000, or both. Additionally, the 47-year-old suspect is charged with acquiring benefits from criminal conduct under the Corruption, Drug Trafficking, and other Serious Crimes (Confiscation of Benefits) Act 1992, which could result in a fine of up to S$500,000, a prison term of up to ten years, or both.
Further investigations are underway as the SPF continues to unravel the full extent of the scam operations. The arrest and subsequent charges of these two men underscore the persistent efforts of law enforcement agencies to combat cybercrime and protect citizens from such fraudulent activities. The case also highlights the importance of international cooperation in addressing crimes that transcend borders.
During the course of the investigation, the SPF’s collaboration with the Taiwan Police led to the takedown of a syndicate operating a fraudulent customer service center in Kaohsiung City. The raid, conducted on May 15, 2024, resulted in the arrest of four individuals and the seizure of assets worth approximately US$1.33 million.
In a parallel operation, the HKPF dismantled 52 malware-controlling servers in Hong Kong and arrested 14 individuals who had facilitated the scams by allowing the use of their bank accounts for monetary rewards.
The concerted efforts of multiple law enforcement agencies have significantly disrupted the operations of these cybercriminals and have prevented further financial harm to potential victims. The SPF remains committed to pursuing and prosecuting those involved in such illegal activities, regardless of their location.
Source: Singapore Police Force (SPF)