Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Go

Originally reported by TechCrunch

"Hundreds of thousands of victims have been scammed, with losses estimated in the millions."

Google is suing to dismantle the infrastructure behind an alleged massive AI-powered cybercrime operation based in China. The operation, known as Outsider Enterprise, has financially scammed hundreds of thousands of victims with losses estimated in the millions.

The cybercrime network uses AI in its campaigns to send scam text messages impersonating Google and other brands to steal passwords and credit card numbers. According to Google, Outsider Enterprise deployed 9,000 fake websites and one million fraudulent web domains, and sent 2.5 million texts to Android users in a two-week period. The company said 55,000 spam texts were flagged by Android users in just two weeks this past May, which is more than two text spam complaints a minute.

Google uses AI-powered tools to fight AI-powered scams. These tools enable the company to detect scams and alert users to suspicious calls and text messages, leading to the interception of more than 10 billion scam messages a month. The company has been collaborating with AT&T, T-Mobile, and Verizon to block the scam text messages, and said it is coordinating with the FBI.

An FBI spokesperson told TechCrunch that the bureau, in coordination with Google and Lumen’s Black Lotus Labs, seized several domains used by the cybercriminals, as well as Shopify storefronts and accounts used to test the operation’s phishing service. The spokesperson said that since July 2023, Outsider Enterprise’s phishing platform enabled cybercriminals to steal at least an estimated 3,870,000 credit cards, with a corresponding estimated $1.9B in losses.

In its complaint filed as part of the lawsuit, Google laid out the evidence it gathered against people involved in the Outsider Enterprise operations, whom the company said are foreign-based cybercriminals whose real identities are unknown. This group built, maintains, and uses a turn-key, online software suite that enables criminals, regardless of technical skill, to publish fraudulent websites designed to rob victims and enrich themselves.

The phishing-for-dummies software called Outsider, which costs $88 per week or $200 per month, allows operators to create fake websites with the help of AI platforms, including Google’s own Gemini. The fake sites impersonate several services and companies, such as telecom providers, financial institutions, government agencies, and retailers. To lure people to the fake websites, the cybercriminals collaborate with one another to send victims malicious text messages, or purchase ads.

The common goal is to steal passwords and corresponding multi-factor codes as well as financial information, which the scammers can do by receiving the data that victims input into the fake websites, with the information being transmitted through Outsider’s platform in real time. Part of the Outsider software’s appeal is the ease with which someone with limited technical expertise, like many members of the Enterprise, can purchase the software, execute various phishing attacks, and, upon purchase, meet other members of the Enterprise who are proficient in other areas.

The cybercriminals have allegedly used Google Drive and Google Cloud infrastructure to host the phishing websites. The Outsider platform allegedly offers cybercriminals more than 290 pre-built templates that mimic legitimate websites and generate replicas of real websites in minutes, along with guides on how to weaponize AI-generated code, as well as a dashboard to track the progress of phishing campaigns.

The implications of this cybercrime operation are significant, with hundreds of thousands of victims already affected and millions of dollars in losses. The fact that the operation is based in China and uses AI-powered tools to carry out its scams makes it a particularly challenging threat to combat. Google's lawsuit is a significant step towards dismantling the operation's infrastructure and holding those responsible accountable.

However, the case also highlights the ongoing challenge of cybercrime and the need for continued vigilance and cooperation between companies, governments, and law enforcement agencies. As cybercriminals become increasingly sophisticated and use AI-powered tools to carry out their scams, it is essential that those tasked with combating them stay one step ahead.

In this case, Google's use of AI-powered tools to fight AI-powered scams is a significant development, and one that could have important implications for the future of cybersecurity. By using AI to detect and intercept scam messages, Google is able to stay ahead of the cybercriminals and protect its users. However, the fact that the cybercriminals are also using AI-powered tools to carry out their scams highlights the ongoing challenge of cybercrime and the need for continued innovation and cooperation.

Ultimately, the outcome of Google's lawsuit against Outsider Enterprise will be closely watched, and could have significant implications for the future of cybersecurity. As the case progresses, it is likely that more details will emerge about the operation and the extent of its activities, and it will be important to continue to monitor the situation and provide updates as necessary.