SINGAPORE – A man who maintained a scam syndicate’s physical office in Kuala Lumpur and paid for hosting services of multiple servers has been sentenced to over five years’ jail. Lau Chun Kiat’s actions led to at least 129 victims in Singapore suffering losses of more than $3 million, prosecutors said. He was involved in a scam that used a sophisticated remote access malware designed to be installed in Android mobile devices, allowing the syndicate to access mobile phones of victims to gain access to
its applications, including banking features. On May 25, Lau, 28, was sentenced to five years and five months’ jail after pleading guilty to being a member of a locally linked organised criminal group and for conspiring with others to gain access to other devices through the malware. The court heard that sometime around February 2023, Lau, a Malaysian national, was employed by a Taiwanese man Lee Rong Teng, to maintain an office in Kuala Lumpur for the purpose of supporting the operations of the syndicate.
Lee remains on the run. Lau maintained the Malaysia office between February 2023 and April 2023. The office was also used to train other members of the syndicate to use the malware. Between May 2023 and October 2023, Lau also made payments to at least five servers in Malaysia and Hong Kong, where the malware was being hosted. The malware was eventually downloaded by at least 129 victims in Singapore. Between June 2023 and June 2024, the syndicate remotely accessed the victims’ mobile bank applications
and stole at least $3.19 million. The prosecution said that Lau’s actions were directly attributed for the losses of the victims, as the syndicate’s plan would be “dead in the water” if Lau had not paid for the hosting services of multiple servers. Lau was arrested outside his residence in Muar on June 12, 2024, following a collaboration between the Royal Malaysian Police and the Criminal Investigation Department’s technology crime investigation bureau. He was escorted back to Singapore on June 14, 2024, and has been
held in remand since.
Lau Chun Kiat, malware scam, Android remote access, Kuala Lumpur office, Lee Rong Teng, organised criminal group, Singapore victims, Muar arrest, five years and five months, mobile banking theft