In late 2021, LabHost (AKA LabRat) emerged as a new PhaaS platform, growing over time to eventually offer dozens of phishing pages targeting banks, high-profile organizations, and other service providers located around the world, but most notably in Canada, the US, and the UK.
The popularity of the platform meant that at the time of the takedown, it boasted more than 2,000 criminal users, who had used it to deploy over 40,000 fraudulent sites leading to hundreds of thousands of victims worldwide. The platform offered a number of key benefits to its criminal clientele, including: The ability to obtain two-factor authentication (2FA) codes by proxying the connection to the phished organization using Adversary-in-the-Middle (AitM) techniques.
Read more…
Source: Trend Micro
Related:
- Japan and China wake up to global ‘ransomware’ cyberattack while Microsoft slams US government
May 15, 2017
Japan and China have fallen victim of a global “ransomware” cyberattack that has created chaos in 150 countries as Microsoft pinned blame on the US government for not disclosing more software vulnerabilities. The initial attack, known as “WannaCry,” paralyzed more than 200,000 computers, including those which that run Britain’s hospital network, Germany’s national railway and other companies and government agencies ...
- Europol Warns WannaCry Spread to Go Up on Monday
May 14, 2017
Europol is spreading bad news today as it announced that a new wave of WannaCry ransomware infections, even worse than the first, is coming on Monday. The European law enforcement agency estimates that so far there are some 200,000 victims of WannaCry and the number keeps growing. Furthermore, the number of affected countries has grown from ...
- Europol News Article on Wannacry Ransomware: recent cyber-attack
May 13, 2017
The European Cybercrime Centre, EC3, at Europol is working closely with affected countries cybercrime units and key industry partners to mitigate the threat and assist victims. The recent attack is at an unprecedented level and will require a complex international investigation to identify the culprits. The Joint Cybercrime Action Taskforce (JCAT), at EC3 is a ...
- UK hospital meltdown after ransomware worm uses NSA vulnerability to raid IT
May 12, 2017
UK hospitals have effectively shut down and are turning away non-emergency patients after ransomware ransacked its networks. Some 16 NHS organizations across Blighty – including several hospital trusts such as NHS Mid-Essex CCG and East and North Hertfordshire – have had their files scrambled by a variant of the WannaCrypt, aka WanaCrypt aka Wcry, nasty. Users ...
- FBI: Whaling now a US$ 5 billion business as execs targeted
May 9, 2017
The US Federal Bureau of Investigation (FBI) has reported the continuing explosion of Business Email Compromise (BEC) attacks as the practice becomes a US$ 5 billion (£3.86 billion) business. Between October 2013 and 2016 the total international reported loss from such scams is US$ 5,302,890,449 (£4,100 million), with US bodies taking up nearly US$ 1.6 billion ...
- Snake and Proton Malware Found Targeting Mac Users
May 8, 2017
Two malware targeting Mac-run machines recently surfaced in the wild: Snake (a.k.a. Turla, Uroburos, and Agent.BTZ, and detected by Trend Micro as OSX_TURLA.A) and Proton (OSX_PROTON.A). Both are remote access Trojans that can grant attackers unauthorized remote access to the system, consequently enabling them to steal files, data, and credentials stored in the affected system, ...