Polish authorities have shut down today a hacker super-group that has had its fingers in a multitude of cybercrime operations, such as ransomware attacks, malware distribution, SIM swapping, banking fraud, running fake online stores, and even making bomb threats at the behest of paying customers.
Four suspects where arrested this week, and four more are under investigation.
According to reports in Polish media, the hackers have been under investigation since May 2019, when they sent a first bomb threat to a school in the town of Łęczyca.
Investigators said that an individual named Lukasz K. found the hackers on internet forums and hired them to send a bomb threat to the local school, but make the email look like it came from a rival business partner.
The man whose identity was spoofed in the email was arrested and spent two days in prison before police figured out what happened.
When the framed businessman was released out of jail, he hired a famous private investigator to track down the culprits behind the fake bomb alert.
Investigators said that when the hackers realized what was happening, they then hacked a Polish mobile operator and generated invoices for thousands of zlotys (the Polish currency) in the name of both the detective and the framed businessman.
Bomb threats against 1,066 kindergartens
Other bomb threats were also linked to the hacker group, such as bomb threats against the Western Railway Station in Warsaw, Poland's capital.
But the most notorious incident the hackers were linked to took place in June 26 and 27, 2019, when they were hired to send bomb threats to 1,066 kindergartens across Poland.
In total, 10,536 people from 275 kindergartens were evacuated following their email threats, according to