Indonesian Police Uncover Cross-Border Syndicate Selling "Phishing Tools"

Jakarta (ANTARA) - The Directorate of Cybercrime (Dittipidsiber) of the National Police Criminal Investigation Agency has successfully dismantled a syndicate selling phishing tools operating across borders and generating profits of up to Rp25 billion.

The Head of Public Relations Division of the National Police, Inspector General Johnny Eddizon Isir, stated in Jakarta on Wednesday that the case handling also involved cooperation with the Federal Bureau of Investigation (FBI) to identify victims in the United States (US) and trace the network of tool users.

He explained that the case came to light following the conduct of cyber patrols.

Subsequently, a suspicious website selling phishing scripts was discovered. Further investigation led to the platform w3llstore.com, which was linked to the distribution of tools via Telegram bots.

These findings strengthened suspicions of the sale of phishing tools that could be used for cybercrimes.

“As a result, the tools obtained were proven to be usable for phishing actions, including stealing credentials and taking over victims’ accounts,” he said.

The tools worked by extracting data when victims entered usernames and passwords. They could even capture login sessions, allowing perpetrators to access accounts without needing OTP codes.

He said investigators designated two suspects in this case, namely GWL and FYTP. They were arrested in Kupang, East Nusa Tenggara (NTT), on Thursday (9/4).

He revealed that GWL acted as the creator and manager of the tools and distribution channels. Meanwhile, FYTP managed the flow of funds from the crimes through crypto and bank accounts. The transaction method shifted from the website to Telegram, with crypto-based payments.

From the investigation results, it was known that victims were not only from within the country but also from abroad, making this a transnational cybercrime.

Police have secured assets belonging to the suspects worth around Rp4.5 billion, consisting of houses, vehicles, and electronic goods. Meanwhile, from tracing transactions from 2021 to 2026, the two suspects are estimated to have reaped profits of up to Rp25 billion.

Currently, investigators are continuing to develop the case to trace other involved parties, including buyers and users of the phishing tools.

He stated that the uncovering of this case is part of the National Police’s commitment to maintaining digital space security.

“This shows that cybercrime has broad and cross-border impacts. The National Police will continue to crack down firmly and strengthen international cooperation,” he said.

Johnny conveyed that the firm action against the perpetrators also demonstrates that Indonesia is not a safe haven for cybercrime actors.

“This success simultaneously strengthens global trust in Indonesia in maintaining the stability and security of the international digital ecosystem,” he said.