SINGAPORE, April 18,
2024 /CNW/ -- Group-IB, a leading cybersecurity
company aimed at investigating, preventing, and fight digital crime
announced today that it participated in a coordinated global
takedown operation against prominent Canadian Phishing-as-a-Service
(PhaaS) provider LabHost, which has led to the arrest of 37
suspects across the United Kingdom
and around the world by law enforcement agencies. As part of the
operation, Group-IB also conducted an
extensive analysis of LabHost's criminal history and
infrastructure, including insights into LabHost's administrative
platform and the services it provides to its purported user base
which exceeds 2,000 subscribers worldwide, who illegally obtained
around 480,000 card numbers, 64,000 pin numbers, and over 1 million
passwords from victims used for websites and other online services,
according to law enforcement agencies.
"By leveraging our Threat Intelligence and Digital Risk
Protection, we are able to identify and monitor phishing attacks
and websites like those deployed by LabHost and its subscribers
around the world, enabling us to actively alert and protect our
customers, and in turn, their customers as well," said Dmitry Volkov, Chief Executive Officer of
Group-IB. "Today's takedown operation demonstrates the agility and
responsiveness of our decentralized Digital Crime
Resistance Centers, and how quickly we can provide immediate and
local assistance wherever our customers may be."
First uncovered in late 2021, LabHost emerged as a fully
automated Phishing-as-a-Service (PhaaS) platform, streamlining the
creation of phishing websites meticulously mirroring the interface
and functionality of prominent banking, postal, and financial
entities, aimed at intercepting, seizing, and profiting from users'
personal, credit card, and online banking credentials. Users are
prompted to select from various "membership plans," tailored to
target businesses and individuals in either the United States and Canada, or globally, akin to mobile
subscription models. These plans encompass "standard," "premium,"
and "world membership" tiers, priced between US$179 and US$300
monthly, with options for monthly, quarterly, or annual billing
cycles.
Screenshots of the "LabRat" console which enables cybercriminals
to monitor its victims in real time and generate prompts that would
direct their victims to provide sensitive information including
two-factor authentication codes and other financial and personal
details.
For media inquiries, please contact
pr@group-ib.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/group-ib-takes-part-in-a-global-operation-to-cripple-canadian-phishing-as-a-service-provider-labhost-302121351.html
SOURCE Group-IB