Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Russia Arrests Leader of “Infraud Organization” Hacker Group

Russia Arrests Leader of “Infraud Organization” Hacker Group

The Russian Federal Security Service (FSB) and law enforcement have arrested Andrey Sergeevich Novak, the alleged leader of the Infraud Organization, a hacker group that caused losses of more than $560 million in seven years of activity.

The arrest was possible due to intelligence collected by Russian special services and with the cooperation of U.S. law enforcement.

The Infraud Organization was involved in acquiring and trading stolen payment card data and identities on the Infraud carding portal.

Also Read: Considering Enterprise Risk Management Certification Singapore? Here Are 7 Best Outcomes

In 2018, an international law enforcement operation disrupted the organization and the U.S. Department of Justice (DoJ) indicted 36 suspects. Of these, 13 were arrested in various countries, including one of the portal’s administrators.

Law enforcement takes down Infraud carding portal

Four suspected Infraud members detained

Last week, the FSB and law enforcement in Russia arrested four individuals, Andrey Novak among them, who is believed to be the founder of Infraud Organization operating under the aliases “Unicc,” “Faaxxx,” and “Faxtrod.”

Novak has been detained for two months, while the investigation clarifies his role in the hacking group. The other three alleged members – Kirill Samokutyaev, Konstantin Vladimirovich Bergman, and Mark Avramovich Bergman, have been placed under house arrest, Russian News Agency TASS reports.

The agency quotes an undisclosed source saying that Novak is the alleged founder of the criminal group. A graphic from the DoJ of the hierarchy within the Infraud Organization, however, shows Novak listed as a vendor on the portal, well below the higher echelon of administrators and super moderators.

Infraud Organnization hierarchy
Infraud hierarchy, source: DoJ

The investigation into Infraud activities is ongoing and continues to identify new members of the group. The list of arrests has expanded and some individuals have pleaded guilty and received a sentence.

Infraud co-founder Sergey Medvedev (a.k.a. “Stells,” “segmed,” and “serjbear) admitted his role in the operation in June 2020 and on March 19, 2021, was sentenced to 10 years in prison for one count of racketeering conspiracy.

Another member of the group, Marko Leopard, aka “Leopardmk,” received five years of prison time for offering bulletproof hosting services to Infraud members.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Russia takes action against its cybercriminals

Russia appears to have started collaborating with the U.S. and taking active measures against cybercriminals on its territory.

Earlier this month, the FSB announced that it shut down the REvil ransomware gang, following reports from U.S. authorities on the leader of the group. At least eight suspects have been charged and detained for two months.

These raids and arrests come after multiple warnings that the U.S. would take action against threat actors in Russia if the Russian government can’t or won’t.

Russian citizens found guilty of cybercriminal activities will serve their sentence in Russia, even if they are wanted in other countries because the country’s legislation forbids extraditing them.

However, non-Russian citizens will be extradited to a foreign state after an investigation and court proceedings in Russia.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us