The LabHost service has become a central tool of cybercriminals in attacks on North American banks, in particular, on Canadian financial institutions.
Phishing-as-a-Service (PHaaS) provides attackers with various tools for organizing phishing attacks: from ready-made kits to infrastructure for hosting fraudulent pages and tools for creating email newsletters.
The existence of LabHost is not news to the cybersecurity world, but its popularity increased dramatically after specialized phishing kits targeting Canadian banks were introduced in the first half of 2023. Research organization Fortra notes that since then, LabHost has taken the lead, leaving behind other PhaaS platforms, including the phishing service Frappo, and is now behind the majority of attacks on customers of Canadian banks.
In October 2023, LabHost experienced a major crash, but quickly recovered and continued to be active, conducting hundreds of attacks every month. LabHost offers its users 3 data plans: standard for $179 per month, premium for $249 per month and global for $300 per month, each of which is focused on different geographical regions and target institutions, including US banks and 70 institutions around the world.
In addition, LabHost allows cybercriminals to bypass two-factor authentication (2FA) using the LabRat tool, which provides real-time management and monitoring of phishing attacks.
LabHost also offers a tool for sending SMS spam, labSend, which automates smishing campaigns by sending messages with links to phishing pages and automatically responding to victims ' messages.
The development of such PhaaS platforms makes cybercrime more accessible to a wide range of individuals, including inexperienced hackers, which in turn significantly increases the threat to cybersecurity at the global level. Other notable platforms of concern among researchers include Caffeine and Robin Banks, which offer advanced multi-factor authentication bypass capabilities and customizable phishing kits.
• Source: https://www.phishlabs.com/blog/phishing-service-profile-labhost-threat-actor-group
Phishing-as-a-Service (PHaaS) provides attackers with various tools for organizing phishing attacks: from ready-made kits to infrastructure for hosting fraudulent pages and tools for creating email newsletters.
The existence of LabHost is not news to the cybersecurity world, but its popularity increased dramatically after specialized phishing kits targeting Canadian banks were introduced in the first half of 2023. Research organization Fortra notes that since then, LabHost has taken the lead, leaving behind other PhaaS platforms, including the phishing service Frappo, and is now behind the majority of attacks on customers of Canadian banks.
In October 2023, LabHost experienced a major crash, but quickly recovered and continued to be active, conducting hundreds of attacks every month. LabHost offers its users 3 data plans: standard for $179 per month, premium for $249 per month and global for $300 per month, each of which is focused on different geographical regions and target institutions, including US banks and 70 institutions around the world.
In addition, LabHost allows cybercriminals to bypass two-factor authentication (2FA) using the LabRat tool, which provides real-time management and monitoring of phishing attacks.
LabHost also offers a tool for sending SMS spam, labSend, which automates smishing campaigns by sending messages with links to phishing pages and automatically responding to victims ' messages.
The development of such PhaaS platforms makes cybercrime more accessible to a wide range of individuals, including inexperienced hackers, which in turn significantly increases the threat to cybersecurity at the global level. Other notable platforms of concern among researchers include Caffeine and Robin Banks, which offer advanced multi-factor authentication bypass capabilities and customizable phishing kits.
• Source: https://www.phishlabs.com/blog/phishing-service-profile-labhost-threat-actor-group
