2 Malaysians linked to ‘Trojan Spymax’ scam extradited to Singapore

2 Malaysians linked to ‘Trojan Spymax’ scam extradited to Singapore

The two men allegedly promoted malware and managed server rentals for fraudulent activities across Asia, especially in Singapore.

The two men extradited to Singapore were arrested in Penang and Johor last Wednesday. (SPF pic)
PETALING JAYA:
Police have extradited two men suspected of being involved in an international fraud syndicate known as Trojan Spymax.

Bukit Aman commercial crime investigation department (CCID) director Ramli Yoosuf said the duo, aged 27 and 48, were arrested in Penang and Johor last Wednesday.

He said it was part of a joint operation involving the CCID, Interpol and the Singapore police force.

“The duo are suspected members of the Trojan Spymax syndicate that has been actively engaged in international fraud operations across Asia, especially in Singapore,” he said in a statement yesterday.

“They are believed to be involved in the sale of malware and the management of server rentals that house Android Package Kit (APK) files.”

Ramli said the authorities also seized three smartphones, a passport, an identity card and a watch valued at RM6,000 when the two men were arrested.

“Based on our investigation, this syndicate is known to market its products and services through social media platforms such as Facebook and Instagram,” he said.

“Interested buyers would receive links to APK files to be installed on their phones as part of the purchasing process.”

According to Ramli, the suspects were handed over to Interpol for extradition to Singapore where they will be prosecuted. He said all the seized items were also given to the Singapore police.

“Through this cooperation (with Interpol and the Singapore police), CCID believes that the infrastructure and operations of the APK malware syndicate in the region have been effectively dismantled ,” he said.

Ramli also warned the public to exercise caution when downloading software and advised them to use secure platforms like Google Play and the App Store.

“These APK files, once installed, enable the fraud syndicate to intercept one-time passwords (OTPs) sent via SMS, perform screen mirroring, access contact lists and remotely control the victims’ devices,” he said.

Yesterday, Singapore media reported SPF as saying that two men linked to software fraud against Singaporeans since June 2023 were extradited from Malaysia and had been charged.

Both men face charges related to unauthorised modification of computer materials. If convicted, they could face up to seven years in prison, fines of up to S$50,000 (RM173,500), or both.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.