.-') _      .-') _  
                      ( OO ) )    ( OO ) ) 
          .-----. ,--./ ,--,' ,--./ ,--,'
         '  .--./ |   \ |  |\ |   \ |  |\  
         |  |('-. |    \|  | )|    \|  | ) 
        /_) |OO  )|  .     |/ |  .     |/  
        ||  |`-'| |  |\    |  |  |\    |   
       (_'  '--'\ |  | \   |  |  | \   |
          `-----' `--'  `--'  `--'  `--'
       lite.cnn.com - on gopher - inofficial
       
       
       ARTICLE VIEW: 
       
       /
       
       Police take down $249-a-month global phishing service used by 2,000
       hackers
       
       By Mark Thompson, CNN
       
       Updated: 
       
       8:47 AM EDT, Thu April 18, 2024
       
       Source: CNN
       
       Law enforcement officials in 19 countries have shut down an online
       platform that earned at least $1 million by selling phishing kits to
       cybercriminals, helping them launch attacks on tens of thousands of
       people worldwide.
       
       The operation, led by the Metropolitan Police in the United Kingdom,
       targeted LabHost, which officials said was set up in 2021 to make it
       easier for hackers to create fake websites aimed at tricking people
       into revealing email addresses, passwords and bank details.
       
       Thirty-seven suspects were arrested, and more than 70 locations were
       searched in the UK and across the world between Sunday and Wednesday,
       the Metropolitan Police said in a statement.
       
       “Since (its) creation, LabHost has received just under £1 million
       ($1,173,000) in payments from criminal users, many of whom Met
       cybercrime detectives have now been able to identify,” London’s
       police service said, adding that 2,000 users had registered with the
       site and were paying a monthly subscription.
       
       LabHost had obtained 480,000 bank card numbers, 64,000 pin numbers, as
       well as more than 1 million passwords used for websites and other
       online services, it said.
       
       European Union law enforcement agency Europol coordinated the police
       action internationally, working with the US Secret Service and Federal
       Bureau of Investigation, as well as authorities in countries as far
       apart as Australia and Finland. In a separate statement, Europol said
       four people linked to the running of LabHost, including the developer
       of the service, had been arrested.
       
       At least 40,000 phishing domains, with about 10,000 users worldwide,
       had been uncovered by the investigation into LabHost, Europol said.
       
       “With a monthly fee averaging $249, LabHost would offer a range of
       illicit services which were customizable and could be deployed with a
       few clicks,” it said.
       
       “Depending on the subscription, criminals were provided an escalating
       scope of targets from financial institutions, postal delivery services
       and telecommunication services providers, among others.”
       
       Among the services offered, Europol said, was a campaign management
       tool called LabRat, which allowed criminals to monitor and control
       phishing attacks in real time, and was designed to bypass enhanced
       security measures such as two-factor authentication.
       
   DIR  <- back to index