“Courvoisier” Update: Arrested on Train with Darknet Phishing Tools

Grant West Mug Shot
Your Rating

Grant West, a 30-year-old man was apprehended by police as he logged into an Alphabay login account using a laptop which the investigators had been tracking as it hopped across IP addresses and which allegedly belonged to Grant’s girlfriend. It was reported by Darknet Markets back at the end of 2017, that Grant West admitted to his crimes of hacking the food giant Just Eat. More information on how he was captured has been recently announced.

The law enforcement agencies needed hard evidence on West and continued following him until the arrest where he was found hands on the keyboard. The arrest was also captured by the CCTV cameras in the train.

The laptop that the suspect was using was found have financial information of over a 100,000 people and additional 63,000 stolen debit and credit card numbers which were found later stored in an SD card in the suspect’s house.

The seized SD card was also said to contain usernames and passwords linked to a string of cybercriminals who carried out phishing of attacks against 100,000 customers from over 200 different companies including Uber, Apple, Groupon, Sainsbury, the British Cardiovascular Society, T-Mobile, Nectar, Asda, Argos, Coral Betting, AO.com and Ladbrokes.

courvoisier hack

The huge, prominent and successful phishing campaign attack against Just Eat food delivery services customers from 2015 is what led the investigators to the suspect. The campaign offered the customers a bonus of £10 as a reward after filling in a survey form on customer satisfaction but lured them to a phishing site that leaked their account personal credentials. Anti-phishing tools exist, but the average consumer is not busied by figuring out how to use these.

Such phishing attacks are common where people are lured into sites that compromise their credentials. In this case, it seems to have worked well enough as over 160,000 personal details of different accounts was compromised in several months. The stolen personal account credentials were sold on various darknet marketplaces, especially the dismantled Alphabay under the vendor name “Courvoisier”.

It is not yet clear on exactly how much was lost by customers in the attacks but according to reports despite its system remaining intact and not having been breached, the cost is above $200,000 (£270,000) and got worse in 2015.

The London’s Central Metropolitan Police seized bitcoins worth £1.5 million which was reportedly amassed by the suspect through the sale of stolen credentials on the dark web.

The case shows how easy is it is for cybercriminals to launch phishing attacks and show the demand for stolen personal credentials on the dark web. This calls for more awareness to help an innocent customer from being lured to phishing sites.

According to the London’s Central Metropolitan Police DCS Michael Gallagher, the ease at which money can be transferred or laundered through bitcoin mixers and bitcoin tumblers without being monitored by banks or other financial institutions is a win for the criminals. Individuals with just basic computer and programming skills can low launch a massive cyber attack.

“There is a myth that bitcoins and generally virtual currencies are anonymous and that people with ill intent can use them for criminal purposes on the dark web and remain ’safe’. The truth is that you are can’t hide all the time. It took us a lot of time and effort to arrest Grants West after he had done a lot of damage, yes, but the baseline is that we caught him at last,” the Michael confirmed.

Grant West has pleaded guilty to 10 charges and his sentence is scheduled for May 27.

Be the first to comment on "“Courvoisier” Update: Arrested on Train with Darknet Phishing Tools"

Leave a comment

Your email address will not be published.