LabHost, at the head of a vast monthly subscription phishing network, is experiencing difficult times. The platform is the subject of an international investigation which is greatly disrupting its activities.
The authorities of 19 countries in Europe and around the globe indicated on Thursday that they had “ severely disrupted one of the largest phishing platforms as a service » of the planet, LabHost. It was after a year-long operation that Europol was able to compromise the infrastructure of the organization which provides services such as subscription phishing kits. The figures put forward by the authorities are quite impressive.
LabHost, the supermarket for cybercriminals
Between Sunday April 14 and Wednesday April 17, 2024, Europol indicates that it noted 70 searches around the world, resulting in 37 arrests, including 4 people in the United Kingdom alone, who are believed to be linked to the operation of the Europol website. LabHost. Its initial developer is believed to be one of the individuals arrested.
Thanks to their intervention, the authorities, including the London Metropolitan Police and Europol’s European Cybercrime Center, managed to secure the closure of the open web platform. But it is obviously not, at this stage, completely eradicated, the LockBit case law having been there.
The crackdown is in any case saving, since LabHost has become an essential tool for many hackers around the world. The platform model is based on a monthly subscription which allows you to obtain phishing kits, functionalities allowing you to interact directly with victims, or an infrastructure for hosting cybercriminal pages. In short, a real supermarket.
A professional structure and subscription as an economic model
LabHost offers a monthly subscription model at $249, allowing for more customization of services, then deployable in a handful of clicks. This model of phishing-as-a-service is becoming more and more widespread. It is just as common among groups specializing in ransomware. Then, through financing, it is possible to target certain targets, for example financial institutions or telecommunications services.
According to the investigation, there are no less than 40,000 phishing domains linked to LabHost. The platform had, before it was shut down by the authorities, around 10,000 users worldwide. In total, the organization offers a gigantic menu of 170 fake websites ready to imitate certain major brands and trap users.
LabHost has so far done great damage with LabRat, its – professional – integrated campaign management tool. Designed to recover authentication codes, it allows you to pass two-factor authentication. The feature has helped hackers monitor and control their attacks in real time.
0