International police team cracks down on phishing service 'LabHost' and arrests 37 people
As a result of a large-scale investigation involving police authorities from 19 countries around the world, including the European Police Organization (Europol), it has been reported that 37 people associated with LabHost, a huge cybercrime organization that sold phishing tools around the world as '
International investigation disrupts phishing-as-a-service platform LabHost | Europol
https://www.europol.europa.eu/media-press/newsroom/news/international-investigation-disrupts-phishing-service-platform-labhost
Law enforcement infiltrates fraud platform used by thousands of criminals worldwide | Metropolitan Police
https://news.met.police.uk/news/law-enforcement-infiltrates-fraud-platform-used-by-thousands-of-criminals-worldwide-482687
Global sting sees Australian offenders arrested for cybercrime and phishing attacks | Australian Federal Police
https://www.afp.gov.au/news-centre/media-release/global-sting-sees-australian-offenders-arrested-cybercrime-and-phishing
LabHost phishing service with 40,000 domains disrupted, 37 arrested
https://www.bleepingcomputer.com/news/security/labhost-phishing-service-with-40-000-domains-disrupted-37-arrested/
LabHost is a phishing platform that began operating in 2021. It has expanded its influence by using services that allow even low-skilled cybercriminals to easily carry out attacks, such as tools that can automatically generate and distribute phishing emails and a security evasion tool called 'LabRat.' In February 2024, security company Fortra reported that LabHost was gaining more support than existing PhaaS.
As of early 2024, LabHost had built 40,000 fraudulent websites, 2,000 cybercriminals were using its phishing services for an average monthly fee of just $249 (approximately 38,000 yen), and the number of cybercriminals using LabHost's tools to commit phishing scams reached 10,000 in total.
Law enforcement agencies in 19 European and American countries, which had been conducting their own investigations in their own countries, began an international investigation in September 2023, coordinated by Europol. Private organizations such as Microsoft, Chainalysis, Intel 471, and Trend Micro also joined the effort.
Then, in a simultaneous raid conducted at 70 locations around the world from April 14 to 17, 2024, 37 suspects, including the developer of LabHost's tools, were arrested and infrastructure such as fraudulent sites and 207 servers were seized.
Since its establishment, LabHost has received a total of approximately $1.17 million in payments from its cybercriminal clients, many of whom have been identified by authorities, some of whom have already been arrested, and others whose accounts are under investigation.
Some have even received direct warning from the authorities, with the Metropolitan Police stating: 'Immediately after the phishing platform was taken down, 800 users received our message saying we know who they are and what they have been doing. We have shown them that we know how much they have paid LabHost, what sites they have visited and how much data we have on them. Most of these individuals will continue to be the focus of our investigation over the coming weeks and months.'
Authorities also revealed that LabHost has stolen approximately 480,000 credit card numbers, 64,000 PIN codes, and one million passwords for various online accounts, and are in the process of contacting victims around the world.
Europol warned users of malicious services: 'Platforms like LabHost make it easier for less-skilled hackers to commit cybercrime, greatly expanding the reach of threat actors. However, no matter how user-friendly a service may be, malicious use is still illegal and the penalties are severe.'
The Metropolitan Police also urged internet users to 'report any scams they come across, or if you have fallen victim to one, please report it to the police and get help. Scammers are clever and there is no need to be embarrassed about being a victim of fraud. Reporting an offence can help prevent another victim from falling scammed.'
Related Posts:
in Security, Posted by log1l_ks