KUALA LUMPUR: Two men arrested in the country have been extradited to Singapore for their suspected involvement in malware-enabled scams targeting Singaporeans since June last year.
The duo, aged 26 and 47, are expected to be charged in Singapore courts today.
Singapore Police Force (SPF), in a statement published on its website yesterday, said with the cooperation of their Malaysian counterparts, the suspects were arrested on Wednesday following a warrant of arrest issued by the State Court of Singapore.
"Both men were handed over to the SPF on June 14," the statement said.
The statement said the suspects were arrested as a result of a seven-month-long joint multi-jurisdictional investigation formed in November last year, led by the SPF with the cooperation of the Hong Kong Police Force (HKPF) and the Royal Malaysia Police (RMP).
"The joint investigation team unravelled the complex web of criminal activity and online infrastructure hosting the malware.
"Based on the leads uncovered, the SPF established the identity of two men who were believed to be part of the syndicate responsible for the malware-enabled scams, and traced their location to Malaysia."
Preliminary investigations, the SPF said, showed that the suspets had allegedly operated servers for the purposes of infecting victims' Android mobile phones with a malicious Android Package Kit (APK) app, and subsequently controlling the phones.
"The malicious APK application enabled the scammers to modify the contents of the victims' mobile phones, which facilitated the subsequent compromise of the victims' bank accounts."
Both men, the SPF said, will be charged with unauthorised modification of computer material punishable under Section 5(2) read with Section 12(1) of the Computer Misuse Act 1993, which carries a fine of up to $50,000 (RM174,308), the maximum seven years' jail or both upon conviction.
The 47-year-old man will also be charged with acquiring benefits from criminal conduct punishable under Section 54(5) of the Corruption, Drug Trafficking and other Serious Crimes (Confiscation of Benefits) Act 1992, which carries the maximum $500,000 (RM1.7 million), an imprisonment term of up to 10 years, or both.
In 2023, there were at least 1,899 cases of victims in Singapore having downloaded malware onto their phones, and the total amount lost was at least $34.1 million (RM118.88 million).
The scammers, in these cases, deceived the victims into downloading malicious apps onto their mobile devices.
"Through these apps, the scammers were able to remotely access their devices and steal sensitive information, including personal data and banking credentials.
"The stolen information was then used to perform fraudulent transactions on the victims' banking accounts, leading to financial losses by the victims," the statement said.