Cross-Border Phishing Syndicate Dismantled, Bareskrim Seizes Assets Worth Rp 4.5 Billion

Bareskrim Polri has seized assets worth Rp 4.5 billion related to a case involving an online fraud or phishing syndicate operating across borders using fake tools. The seized assets, worth billions, include houses, vehicles, and electronic goods.

Police Public Relations Division Head Irjen Johnny Eddizon Isir stated that the uncovering of this phishing case is part of Polri’s commitment to maintaining digital space security.

“This demonstrates that cybercrime has widespread and cross-border impacts. Polri will continue to crack down firmly and strengthen international cooperation,” Johnny said in a statement quoted on Friday (17/4/2026).

In this case, police arrested two suspects with initials GWL and FYTP in Kupang, East Nusa Tenggara.

The revelation began with cyber patrols that detected a suspicious site selling phishing scripts. The investigation continued, leading to the platform w3llstore.com, which is connected to the distribution of tools via Telegram bots.

“As a result, the obtained tools were proven to be usable for phishing actions, including stealing credentials and taking over victims’ accounts,” Johnny said.

Johnny explained that these tools work by siphoning data when victims enter their usernames and passwords. Moreover, according to him, the tools can capture login sessions, allowing perpetrators to access accounts without needing OTP codes.

The uncovering of this case also involved cooperation with the Federal Bureau of Investigation (FBI) to identify victims in the United States and trace the network of tool users. Victims are known not only from within the country but also from abroad.

In their roles, GWL is known to have acted as the creator and manager of the tools and distribution channels. Meanwhile, FYTP handled the flow of funds from the crimes through cryptocurrency and bank accounts.

Johnny added that the transaction method shifted from websites to Telegram with cryptocurrency-based payments. From transaction tracing since 2021 until 2026, the two suspects are estimated to have reaped profits of up to Rp 25 billion.

He emphasised that they will continue to take action against cybercrime. Investigators are currently still developing the case to trace other involved parties, including buyers and users of the phishing tools.

“This success also strengthens global trust in Indonesia in maintaining the stability and security of the international digital ecosystem,” he concluded.