Two 16-year-old boys among 18 arrested for roles in Android malware scams in latest police raids

Fourteen men and two women, aged between 17 and 47, and two 16-year-old male teenagers have been arrested for their suspected involvement in the recent spate of banking-related malware scam cases. Photo: Singapore Police Force
Posted on 08 October 2023 | 1,368 views | 1 comment

Fourteen men and two women, aged between 17 and 47, and two 16-year-old male teenagers have been arrested for their suspected involvement in the recent spate of banking-related malware scam cases, said the police.

Another eight men and three women, aged between 17 and 55, and two 16-year-old female teenagers are assisting in the investigations after island-wide anti-scam enforcement operations conducted by officers from the Commercial Affairs Department and Police Intelligence Department between Sept 25 and Oct 6.

Preliminary investigations revealed that 11 men and two women, and the two male teens had allegedly facilitated the scam cases by relinquishing their bank accounts, Internet banking credentials or disclosing Singpass credentials for monetary gains.

A 45-year-old man is believed to have withdrawn money from a money mule’s bank account and handed the money to an unknown person.

Preliminary investigations also revealed that a 47-year-old man had allegedly received and withdrawn some criminal proceeds from his bank account and a 17-year-old male teen is believed to have assisted his friends to sell their bank accounts to an unknown person on Telegram.

Police investigations are ongoing.

Since January 2023, the police have received increasing number of reports of malware being used to compromise Android mobile devices, resulting in unauthorised transactions made from the victims’ bank accounts.

In these cases, the victims responded to advertisements on social media platforms like Facebook. They were then instructed by the scammers to download Android Package Kit from non-official app stores to facilitate the purchase, which led to malware being installed on their mobile devices.

Subsequently, the scammers convinced the victims via phone calls or text messages to turn on accessibility services on their Android phones.

This weakened the phones’ security, allowing scammers to take full control of the victims’ phones.

As a result, the scammers could log every keystroke, steal banking credentials stored on the phones, remotely access the victims’ banking apps, add money mules as payees, raise payment limits and transfer money to money mules.

The scammers can further delete SMSes and email notifications related to these bank transfers to cover their tracks.

The offence of acquiring benefits from criminal conduct carries an imprisonment of up to 10 years, a fine of up to $500,000, or both.

The offence of cheating carries an imprisonment term of up to three years, or with a fine, or both, while the offence under the Computer Misuse Act 1993 carries a fine of up to $5,000, or an imprisonment term of up to two years, or both.

For disclosing their Singpass credentials, they are liable to an imprisonment term not exceeding three years, a fine of up to $10,000, or both.

Get more of Stomp's latest updates by following us on Facebook, WhatsApp, Twitter, Instagram and YouTube.

Related Stories
Ten people, aged between 17 and 60, were arrested for their suspected involvement in various scams, said the police on Wednesday (Oct 4).
10 arrested for allegedly letting scammers use their bank accounts for up to $600 per account
Seven men and four women, aged 17 to 25, and two 15-year-old teenagers were arrested in raids between Aug 14 and 25 for their suspected involvement in the recent spate of banking-related malware scam cases, said the police.
Two 15-year-olds among 13 arrested in island-wide raids for roles in malware scams
10 people, including 16-year-old youth arrested for suspected involvement in malware scams
More About: 
Scams
arrested
police
teenagers