The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider


In late 2021, LabHost (AKA LabRat) emerged as a new PhaaS platform, growing over time to eventually offer dozens of phishing pages targeting banks, high-profile organizations, and other service providers located around the world, but most notably in Canada, the US, and the UK.

The popularity of the platform meant that at the time of the takedown, it boasted more than 2,000 criminal users, who had used it to deploy over 40,000 fraudulent sites leading to hundreds of thousands of victims worldwide. The platform offered a number of key benefits to its criminal clientele, including: The ability to obtain two-factor authentication (2FA) codes by proxying the connection to the phished organization using Adversary-in-the-Middle (AitM) techniques.

Read more…
Source: Trend Micro


Sign up for our Newsletter


Related:

  • City of Helsinki’s suffers data breach

    June 11, 2024

    It remains unclear whether the perpetrator behind a massive data breach of the City of Helsinki has tried to benefit from the crime, according to the City. Detected in April, the hack resulted in the leak of tens of millions of files from the city’s internal network. The stolen files included the personal data of up ...

  • Singaporean businesses targeted by Akira ransomware

    June 10, 2024

    Akira – a ransomware hacker group -that extorted $42 million from over 250 organizations across North America, Europe, and Australia within a year, is now actively targeting businesses in Singapore, according to a joint advisory issued by Singaporean authorities. The Cyber Security Agency of Singapore (CSA), the Singapore Police Force, and the Personal Data Protection Commission ...

  • Bypassing 2FA with phishing and OTP bots

    June 10, 2024

    Two-factor authentication (2FA) is a security feature we have come to expect as standard by 2024. Most of today’s websites offer some form of it, and some of them won’t even let you use their service until you enable 2FA. Individual countries have adopted laws that require certain types of organizations to protect users’ accounts ...

  • Thousands detained as Thailand ramps up cybercrime suppression campaign

    June 10, 2024

    The Ministry of Digital Economy and Society (MDES) is intensifying its efforts to combat cybercrime. It reported a significant increase in access blocks to gambling websites and the closure of millions of suspicious mobile lines last month. The Ministry of Digital Economy and Society (MDES) has been taking strong measures to combat cybercrime, particularly in the ...

  • Major data breach at Philippines Agricultural Credit Policy Council (ACPC) exposes sensitive information

    June 9, 2024

    The Agricultural Credit Policy Council (ACPC) has been hacked, exposing sensitive data and raising concerns about government agency security. Ph1ns, a hacker who gained unauthorized access to the ACPC’s internal systems, revealed the breach. The hacker was also responsible for several hack attacks on government agencies, including the DOST and the PNP. Read more… Source: Manila Bulletin Sign up ...

  • FBI urges LockBit ransomware victims to reach out after securing thousands of decryption keys

    June 7, 2024

    The FBI revealed it has thousands of decryption keys that can unlock data encrypted by the LockBit ransomware. The agency’s Assistant Director for the Cyber Division, Bryan Vorndran, confirmed the news during the 2024 Boston Conference on Cyber Security, and has invited all past LockBit victims to reach out and try to unlock their files. Read more… Source: ...