The LabHost phishing-as-a-service (PhaaS) platform has been disrupted after a year long global law enforcement that now as put to end this menace and they arrested 37 suspects including a main member of the LabHost team.
The site called LabHost was active since 2021 and was a cyber fraud superstore, allowing users to produce realistic-looking websites from household names such as the big banks, ensnaring victims around the world including 70,000 in the UK.
LabHost amassed 480,000 debit or credit card numbers, 64,000 pin numbers and made £1m from membership fees alone from 2,000 people, which were up to £300 a month for membership, to be paid in cryptocurrency. It advertised itself as a “one-stop-shop for phishing”.
It offered a tutorial video on how to use the site to commit crime, similar to a video on how to use a new consumer product. The video said the software took five minutes to install, and offered “customer service” if there were any problems. It ended by wishing its criminal users to: “Stay safe and good spamming.”
Without having any much IT knowledge with their help anyone can create a phishing website or any other phishing scammed mentioned and many universities student as been using this platform, for malicious purposes in order to make money online.
LabHost also offered infrastructure for hosting phishing pages and automatic phishing email generation and distribution, allowing low-skilled cybercriminals an easy way to carry out attacks.
In February 2024, digital security company Fortra warned that LabHost was growing into a popular PhaaS platform, surpassing other established players on the market.
The recent international law enforcement operation coordinated by Europol started roughly a year ago and involved police forces and special investigators in 19 countries, as well as partners from the private sector like Microsoft, Trend Micro, Chainalysis, Intel 471, and The Shadowserver Foundation.
"The investigation uncovered at least 40 000 phishing domains linked to LabHost, which had some 10 000 users worldwide," reads Europol's announcement.
Europol highlights a particularly powerful tool called LabRat that made the service stand out from the competition. LabRat is a real-time phishing management tool that enabled attackers to capture two-factor authentication (2FA) tokens and bypass account protections.
Also about 800 users has been sent messages to warn them about upcoming investigations on them by the law.
It's good to hear news this and to know there are law enforcement agency fighting against such illicit platforms mainly found on dark web but we also have to watch our guards since it's crystal clear that the internet is not safe as it seems.
Sources:
https://www.theguardian.com/technology/2024/apr/18/students-turning-to-cyberfraud-as-huge-phishing-site-infiltrated-police-revealhttps://www.bleepingcomputer.com/news/security/labhost-phishing-service-with-40-000-domains-disrupted-37-arrested/amp/ 
