France: triple crackdown on cybercriminal websites

In early spring 2024, French law enforcement hit three French cybercriminal platforms, leading to arrests and infrastructure seizures. At the end of March 2024, the Office for Combating Migrant Smuggling (OLTIM) and Cybercrime Prevention Office thus shut down SelkiScan, as well as its parent forum, Selkis Online. Law enforcement have also arrested the two young adults suspected of being its administrators.

SelkiScan was a malicious platform specialized in forging documents, 2.7 million of them since it opened in September 2021, to be precise. Its catalog included counterfeit ID papers, diplomas, social security cards, proofs of address, bills (EDF, Darty, SFR…), pay slips, banking details, prescriptions and Covid passes…

“Their priority was not necessarily making money, there was a desire to challenge authority. They weren’t targeting a specific audience. They were all over the place: fugitives, migrants, con artists,” explained Captain Fabrice Saugner from the OLTIM.

In mid-April 2024, the Paris police cybercrime unit (BLCC) closed the Fast Scama Telegram account, which was specialized in the sale of phishing kits. Law enforcement also arrested the 26-year-old man suspected of managing the account.

Finally, in mid-April 2024, the French gendarmerie’s national cyber unit announced it had seized the black marketplace Cosa Nostra, in early April 2024. The dark web platform, which could only be accessed through Tor, was used to sell narcotics and cybercriminal services (scams, phishing, ransomware). It had around 3,100 members.