Hackers take control of a nurse’s account and create thousands of fake COVID-19 passes. 13 cybercriminals arrested in France

The government of France announced the arrest of thirteen people accused of having hacked the account of a nurse to create more than 60,000 COVID-19 passes. Although their names are unknown, it has been known that those arrested are young French people between 22 and 29 years old.

The fraud was discovered in conjunction with a France-based insurance company in which the affected nurse had an associated account. This firm reported approval of just over 62,000 thousand unauthorized COVID-19 passes, though the number could still vary. The arrested individuals will face charges of racketeering, money laundering, theft of personal data and conspiracy to commit electronic fraud.

Just a week ago, a couple was arrested in the French city of Lyon for operating a similar scam, though it was not revealed how the defendants did to access COVID-19 pass systems. In this investigation, authorities seized 20 smartphones and a firearm.

The COVID-19 pass is not without controversy. Current government guidelines state that French citizens who are fully vaccinated or who have recently recovered from COVID-19 can use their pass to enter restaurants and other public spaces, excluding those who have decided not to get vaccinated.

French authorities have expressed concern about the ease with which it appears that hackers can access COVID-19 pass systems. An article published in late 2021 noted that authorities have found around 182,000 fake passes since France began issuing this document in July 2021, arresting more than 100 people involved in related frauds.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.