Phishing-as-a-Service Platform LabHost  Is Turned Over

One of the most used phishing-as-a-service platforms, LabHost, has been taken down by an international group of law enforcement authorities co-ordinated by Europol. 

London's Metropolitan Police have  been working with Europol on an operation to infiltrate and close down a website used by more than 2,000 criminals to defraud victims worldwide in their  latest joint operation to tackle large-scale online fraud.  Now, 37 suspects have been arrested as part of the international operation led by Europol, including the original developer of the LabHost service and the LabHost platform is no longer available.

This is a second major blow to cyber crime following the takedown of Lockbit,  another 'managed service' cyber crime operator in February.

Cyber criminals who subscribed to LabHost were sent individualised, 90-second “LabHost Wrapped” videos informing them of the takedown operation as well as recording key evidence against them gathered by law enforcement, including:

  • When the individual first subscribed to LabHost.
  • How long they’ve been a subscriber.
  • How much they’ve paid to LabHost.
  • The number of IP addresses they’ve used to access LabHost
  • The domains they’ve used
  • The various countries and organisations they have targeted

LabHost is believed to have obtained 480,000 card numbers, 64,000 PIN numbers, and no less than one million account passwords. 

The cyber security  company Fortra has closely monitored LabHost in recent years and claims to to have mitigated tens of thousands of phishing attacks carried out by cyber criminals using the platform. Michael Tyler, Senior director of security operations at Fortra's Phish Labs unit commented “The takedown of LabHost by international law enforcement is sending shockwaves through the Phishing as a Service ecosystem... In addition to the high-profile arrests of LabHost operators, Fortra Threat Intelligence is observing other PhaaS platforms competing with LabHost experiencing service instability and suspending their communications and support channels."

LabHost was established up in 2021 and quickly gained a criminal user base. By this year it was operating more than 40,000 fraudulent sites had been created and 2,000 users were registered and paying a monthly subscription fee of  between $250 and $350, many of whom law enforcement officers are now been able to identify. 

The extent of of the data collected by this operation is remarkable and Forta expect numerous arrests as law enforcement uses this data to uncover the real-world identities of the criminals. Some have already been arrested, while others are now the focus of the ongoing investigation.

Phish Labs     |   Phish Labs    |    Europol    |       Metropolitan Police    |     

You Might Also Read: 

$15m Bounty To Identify LockBit Bosses:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Overcoming Security Alert Fatigue
The Evolving Cybersecurity Vulnerability Landscape »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BSI Group

BSI Group

BSI is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

Picus Security

Picus Security

Huge gaps often exists between the "perceived"​ and "actual"​ IT security level of an organization. Picus Security continuously assesses security controls and reveals deficient ones before hackers do.

ESTsecurity

ESTsecurity

ESTsecurity is a leading company in cyber security providing intelligent security solutions to make world more secure.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

CryptoTec

CryptoTec

CryptoTec is a provider of security concepts and encryption solutions for secure communication between decentralized computerized systems.

KnectIQ

KnectIQ

Building Trust Environments in a Zero-Trust World. KnectIQ offers KIQAssure, an Ultra High Security Solution for Data in Flight.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

Binare

Binare

Binare empowers companies all over the world to improve their IIot/IoT /Embedded cybersecurity posture and digital privacy.

Trilateral Research

Trilateral Research

Trilateral Research provide regulatory and policy advice; develop new data-driven technologies and contribute to the latest standards in safeguarding privacy, ethics and human rights.

Verichains

Verichains

Verichains Lab is a pioneer and leading APAC blockchain security firm with extensive expertise in the areas of security, cryptography and core blockchain technology.

Intelligent Technical Solutions (ITS)

Intelligent Technical Solutions (ITS)

We help businesses manage their technology. Intelligent Technical Solutions provide you with the right technical solution, so you can get back to running your business.

NORMA Cyber

NORMA Cyber

NORMA Cyber delivers centralised cyber security services to Norwegian shipowners and other entities within the Norwegian maritime sector.

C2 Risk

C2 Risk

C2 Risk are focussed on risk analytics for information assurance, privacy and ESG (Environmental, Social, and Governance).

PDI Technologies

PDI Technologies

PDI Technologies helps convenience retail and petroleum wholesale businesses around the globe increase efficiency and profitability by securely connecting their data and operations.