London police announced Thursday that they had infiltrated a site used by 2,000 offenders to defraud victims online around the world, during an operation where 37 suspects were arrested in recent days. In service since 2021, the “LabHost” criminal network made it possible to create phishing sites, intended to fraudulently obtain bank details, according to Scotland Yard.
70,000 victims in the United Kingdom
Since its creation, the site has received almost a million pounds sterling (1.1 million euros) from its users, who paid between 200 and 300 pounds sterling (234 to 350 euros) per month, according to the London police. The investigation established that nearly 70,000 victims in the United Kingdom provided personal information on one of the fraudulent sites from LabHost. Its users could replicate existing sites, notably banking, health services or postal services. “But LabHost has now been infiltrated and disrupted following a worldwide operation led by the Met,” London Police, Scotland Yard announced.
Worldwide, LabHost has made it possible to fraudulently obtain 480,000 bank card numbers and a million passwords used for websites or online services. Investigators have so far contacted up to 25,000 victims in the UK to inform them that their data has been compromised. As part of the operation which disrupted the site, 800 of its users received a message telling them that the police were aware of their illicit activities in detail.
40,000 phishing sites, 10,000 users around the world
The investigation which brought together police forces from 18 countries made it possible to identify at least 40,000 phishing sites linked to LabHost, which had 10,000 users around the world, Europol announced in a press release. According to the European organization, LabHost had a “particularly destructive” element which allowed criminals to monitor phishing campaigns in real time and circumvent security measures.
This operation comes after others of the same type, including one in February against LockBit, presented as the “most harmful group of computer hackers in the world”, at the origin of ransom demands targeting hospitals in particular, causing losses which in total amount to billions of euros including the ransoms paid and the costs incurred for the victims. “Online scammers believe they can act with impunity”, that they “can hide behind digital entities and platforms like LabHost and have absolute confidence that these sites are impenetrable by the police”, a said Lynne Owens, Assistant Commissioner at Scotland Yard, in a statement.
“But this operation and others over the past year show that law enforcement around the world can come together (…) to dismantle international fraud networks at the source,” she added. .