Two Arrested as Authorities Dismantle JokerOTP Phishing Operation Behind £7.5 Million Theft

Summary:
In a major victory for international cybercrime enforcement, two individuals have been arrested following a three-year investigation into JokerOTP, a phishing tool designed to intercept two-factor authentication (2FA) codes and facilitate large-scale bank fraud.

On April 22nd, police arrested a 24-year-old man in Middlesbrough, England, while Dutch authorities detained a 30-year-old man in Oost-Brabant, the Netherlands. The arrests stem from an extensive probe led by Cleveland Police’s Cyber Crime Unit, targeting JokerOTP, which was reportedly used more than 28,000 times across at least 13 countries, causing an estimated £7.5 million in losses.

According to police reports, JokerOTP tricked victims into sharing their authentication codes by posing as representatives from trusted organizations like banks and crypto platforms such as Coinbase. Once victims handed over their one-time passwords, criminals gained unauthorized access to their accounts. The two suspects, known online by the aliases “spit” and “defone123”, allegedly played key roles in the operation.

Detective Sergeant Kevin Carter described the investigation as one of the largest cases of computer misuse and fraud his force has ever encountered. He praised the collaboration between UK and Dutch authorities, with the Dutch National Police joining the investigation in 2024 to provide crucial technical support.

The arrested individuals now face a slew of serious charges, including:

  • Supplying articles for use in fraud
  • Conspiracy to supply articles for use in fraud
  • Fraud by false representation
  • Unauthorized access to computer material
  • Money laundering
  • Blackmail

Security Officer Comments:
Authorities have also begun dismantling JokerOTP’s online infrastructure by working with hosting providers to shut down the bot platform, marking the first step in a broader crackdown on the associated cybercrime network. The operation received strong backing from the North East Regional Organised Crime Unit (NEROCU), the National Crime Agency (NCA), and Europol. Detective Sergeant Carter warned that further law enforcement action is likely, noting that users of the JokerOTP platform have been under surveillance throughout the investigation.

Link(s):
https://hackread.com/jokerotp-dismantled-28000-phishing-attacks-2-arrested/

Contact Us for Threat Assistance Back to Current Threats

Just Starting?



Contact LACyber for More Info



Current Active Cyber Threats