Poker player who won $1.5 million charged with running Android malware ring | Ars Technica

Drawing dead —

Poker player who won $1.5 million charged with running Android malware ring

Contact-stealing Android malware allegedly used to fuel $3.9M spam operation.

A man who has won about $1.5 million in poker tournaments has been arrested and charged with running an operation that combined spam, Android malware, and a fake dating website to scam victims out of $3.9 million, according to Symantec.

Symantec worked with investigators from the Chiba Prefectural Police in Japan, who earlier this week "arrested nine individuals for distributing spam that included e-mails with links to download Android.Enesoluty—a malware used to collect contact details stored on the owner’s device," Symantec wrote in its blog.

Android.Enesoluty is a Trojan distributed as an Android application file. It steals information and sends it to computers run by hackers. It was discovered by security researchers in September 2012.

The suspect flagged as the "main player running the operation" is 50-year-old Masaaki Kagawa of Tokyo, president of an IT firm named Koei Planning and a poker player with success in high-stakes tournaments around the world.

Masaaki Kagawa wins a big pot in the Aussie Millions Cash Game Invitational a few years ago.

Kagawa has reportedly won about $1.5 million in tournaments dating back to 2008 (minus entry fees). His most recent score was a third-place finish in the 2013 Aussie Millions Poker Championship in February, which netted him $320,000.

Kagawa was already under investigation while playing in that tournament. Symantec explains:

From our observations, the operation began around September 2012 and ended in April 2013 when authorities raided the company office. We confirmed around 150 domains were registered to host the malicious apps during this time span. According to media reports, the group was able to collect approximately 37 million e-mail addresses from around 810,000 Android devices. The company earned over 390 million yen (approximately 3.9 million US dollars) by running a fake online dating service called Sakura in the last five months of the spam operation. Spam used to lure victims to the dating site was sent to the addresses collected by the malware.

The malware allegedly used in this operation appears to share source code with Android.Uracto, a Trojan that steals contacts and sends spam text messages to those contacts. Scammers maintaining Android.Uracto have not yet been identified.
