Author

Topic: LabHost phishing service with 40,000 domains disrupted, 37 arrested (Read 81 times)

sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
Nice one. Phishing attacks is becoming a nightmare...

The story is interesting and it's good we have it in the Beginners section, imo. Phishing attacks are easy to avoid if you pay attention to simple details.
Yes that's if you don’t click on link sent from unknown sources online, email or even sms, while also being cautious of who you're sending information or funds to online, especially if it's the Actual person or service.
Though there are still some complicated ones like the news we have heard about Playstore and Appstore having malicious apps, this is among the reasons we should continue to stay updated about security news.

Why are users sent warning messages? If they have used the platform to scam people, they should be arrested immediately and not be warned through messages. .
Through legal proceedings? Seriously, you can't arrest someone in the internet just through the stored data in any database with only the email address, it could be hacked, have fake names, as well as fake address and all other info. The messages sent could be just asking evidence or whatever. Since the main suspects are the owners, people operating the website.
You're correct and another reason why investigation will go on before any punishment some of these users may actually just explore the site while some might have just used it fewer times less than the others and so their punishment will varies.
hero member
Activity: 714
Merit: 521
DGbet.fun - Crypto Sportsbook
Maybe if things like this continue to happen, many would be afraid of going to jail or wasting their time on what will eventually got bursted, we have seen and heard about many of their kind in the past and they went away with doing such, now technology is getting  more advanced and there seems to be more exposures on this regard, we can keep on with the mentioning of many other series of attacks in this manners which has happened before.
hero member
Activity: 1554
Merit: 880
Notify wallet transaction @txnNotifierBot
Why are users sent warning messages? If they have used the platform to scam people, they should be arrested immediately and not be warned through messages. .
Through legal proceedings? Seriously, you can't arrest someone in the internet just through the stored data in any database with only the email address, it could be hacked, have fake names, as well as fake address and all other info. The messages sent could be just asking evidence or whatever. Since the main suspects are the owners, people operating the website.

but we also have to watch our guards since it's crystal clear that the internet is not safe as it seems.
It's always does.
newbie
Activity: 19
Merit: 0
Nice one. Phishing attacks is becoming a nightmare...

The story is interesting and it's good we have it in the Beginners section, imo. Phishing attacks are easy to avoid if you pay attention to simple details.
sr. member
Activity: 658
Merit: 441
Why are users sent warning messages? If they have used the platform to scam people, they should be arrested immediately and not be warned through messages. These people are very terrible.

I think the authorities don't want to persecute an innocent person for crime he or she did not commit. I'm sure the identities of the 800 persons were gotten when forensic was carried out on the website but a victim's credit card info could as well be stolen by a scammer and used to make purchases on LabHost. So, I believe the warning is an opportunity for such persons to get every evidence they need to clear their names. The authorities will use the findings during the interrogation process to separate the innocent ones from the real criminals.
sr. member
Activity: 560
Merit: 265
Also about 800 users has been sent messages to warn them about upcoming investigations on them by the law.
Why are users sent warning messages? If they have used the platform to scam people, they should be arrested immediately and not be warned through messages. These people are very terrible.

I remember being scammed on one of their sites and all my money was gone. I suffered from depression. Law enforcement agencies should set a very strong example with them. The court should give them a sentence of about 50 years or more, and all their money in whatever form should be relinquished.

LabHost is just one of the many phishing sites out there- there would be 99 more working at scamming people.
sr. member
Activity: 658
Merit: 441
Nice one. Phishing attacks is becoming a nightmare, if it's not your wallet, then it's your credit or debit card details. The rate of phishing attacks over the years has been on exponential rise and this could be attributed to the availability of tools like PaaS which has made it so easy for these threat actors to launch attacks.

If one of such services is taken down, then it's a win and kudos to the law enforcement agencies.
sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
The LabHost phishing-as-a-service (PhaaS) platform has been disrupted after a year long global law enforcement that now as put to end this menace and they arrested 37 suspects including a main member of the LabHost team.

The site called LabHost was active since 2021 and was a cyber fraud superstore, allowing users to produce realistic-looking websites from household names such as the big banks, ensnaring victims around the world including 70,000 in the UK.

LabHost amassed 480,000 debit or credit card numbers, 64,000 pin numbers and made £1m from membership fees alone from 2,000 people, which were up to £300 a month for membership, to be paid in cryptocurrency. It advertised itself as a “one-stop-shop for phishing”.

It offered a tutorial video on how to use the site to commit crime, similar to a video on how to use a new consumer product. The video said the software took five minutes to install, and offered “customer service” if there were any problems. It ended by wishing its criminal users to: “Stay safe and good spamming.”
Without having any much IT knowledge with their help anyone can create a phishing website or any other phishing scammed mentioned and many universities student as been using this platform, for malicious purposes in order to make money online.


LabHost also offered infrastructure for hosting phishing pages and automatic phishing email generation and distribution, allowing low-skilled cybercriminals an easy way to carry out attacks.

In February 2024, digital security company Fortra warned that LabHost was growing into a popular PhaaS platform, surpassing other established players on the market.

The recent international law enforcement operation coordinated by Europol started roughly a year ago and involved police forces and special investigators in 19 countries, as well as partners from the private sector like Microsoft, Trend Micro, Chainalysis, Intel 471, and The Shadowserver Foundation.

"The investigation uncovered at least 40 000 phishing domains linked to LabHost, which had some 10 000 users worldwide," reads Europol's announcement.

Europol highlights a particularly powerful tool called LabRat that made the service stand out from the competition. LabRat is a real-time phishing management tool that enabled attackers to capture two-factor authentication (2FA) tokens and bypass account protections.
Also about 800 users has been sent messages to warn them about upcoming investigations on them by the law.

It's good to hear news this and to know there are law enforcement agency fighting against such illicit platforms mainly found on dark web  but we also have to watch our guards since it's crystal clear that the internet is not safe as it seems.

Sources:
https://www.theguardian.com/technology/2024/apr/18/students-turning-to-cyberfraud-as-huge-phishing-site-infiltrated-police-reveal

https://www.bleepingcomputer.com/news/security/labhost-phishing-service-with-40-000-domains-disrupted-37-arrested/amp/

Jump to: