Another turnkey phishing service with 2,000 clients fell into the hands of the police.
As a result of an international operation by law enforcement agencies from 19 countries, the LabHost service was discontinued, which was used by more than 2,000 criminals to create phishing sites and brought the creators more than $1.2 million.
LabHost, created in 2021, allowed criminals to create and order specialized phishing pages. However, the platform's operations were interrupted after detectives received key information about its operations from the Cyber Defense Alliance.
Banner about the site being seized by law enforcement agencies
From 14 to 17 April, 37 suspects were arrested in various regions of the UK and beyond, including Manchester and Luton airports. More than 70 searches were conducted. Europol also reported the detention of 4 key individuals, including the developer of the service.
According to the London Police, LabHost has registered around 2,000 users since its inception, each of whom paid for a monthly subscription. After the termination of the platform, 800 users received reports that the police were aware of their actions.
It was found that the LabHost phishing sites collected data from almost 70,000 UK residents, including 480,000 bank card numbers and 64,000 PIN codes, as well as over 1 million passwords from various online services.
As a result of the investigation, at least 40,000 phishing domains were identified, with about 10,000 users worldwide. For an average monthly fee of $249, LabHost offered a variety of illegal services that could be set up and launched in just a few clicks. Depending on the subscription, criminals were given targets, including financial institutions, postal services, and telecommunications companies.
Among other services, LabHost offered the campaign management tool LabRat, which allowed criminals to monitor and control phishing attacks in real time, bypassing enhanced security measures, including two-factor authentication.
Police contacted 25,000 victims to inform them of the compromised data. Each case was registered with the relevant services, and the victims were advised to protect their information.
The LabHost service has become a central tool of cybercriminals in attacks on North American banks, in particular, on Canadian financial institutions. LabHost's popularity skyrocketed after specialized phishing kits targeting Canadian banks were introduced in the first half of 2023. Since then, LabHost has taken the lead, leaving behind other PhaaS platforms and is behind the majority of attacks on Canadian bank customers.
As a result of an international operation by law enforcement agencies from 19 countries, the LabHost service was discontinued, which was used by more than 2,000 criminals to create phishing sites and brought the creators more than $1.2 million.
LabHost, created in 2021, allowed criminals to create and order specialized phishing pages. However, the platform's operations were interrupted after detectives received key information about its operations from the Cyber Defense Alliance.
Banner about the site being seized by law enforcement agencies
From 14 to 17 April, 37 suspects were arrested in various regions of the UK and beyond, including Manchester and Luton airports. More than 70 searches were conducted. Europol also reported the detention of 4 key individuals, including the developer of the service.
According to the London Police, LabHost has registered around 2,000 users since its inception, each of whom paid for a monthly subscription. After the termination of the platform, 800 users received reports that the police were aware of their actions.
It was found that the LabHost phishing sites collected data from almost 70,000 UK residents, including 480,000 bank card numbers and 64,000 PIN codes, as well as over 1 million passwords from various online services.
As a result of the investigation, at least 40,000 phishing domains were identified, with about 10,000 users worldwide. For an average monthly fee of $249, LabHost offered a variety of illegal services that could be set up and launched in just a few clicks. Depending on the subscription, criminals were given targets, including financial institutions, postal services, and telecommunications companies.
Among other services, LabHost offered the campaign management tool LabRat, which allowed criminals to monitor and control phishing attacks in real time, bypassing enhanced security measures, including two-factor authentication.
Police contacted 25,000 victims to inform them of the compromised data. Each case was registered with the relevant services, and the victims were advised to protect their information.
The LabHost service has become a central tool of cybercriminals in attacks on North American banks, in particular, on Canadian financial institutions. LabHost's popularity skyrocketed after specialized phishing kits targeting Canadian banks were introduced in the first half of 2023. Since then, LabHost has taken the lead, leaving behind other PhaaS platforms and is behind the majority of attacks on Canadian bank customers.
