Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Europol teams up with state police to disrupt major phishing network

A cybersecurity icon projecting from a laptop screen.

A major phishing-as-a-service service has been disrupted, its infrastructure dismantled, and its operators arrested in a major operation headed up by Europol.

Announcing the takedown, Europol said it took down LabHost, a phishing kit that provided infrastructure for hosting pages, interactive functionality for directly engaging with victims, and campaign overview services, for a monthly fee of, on average, $249. 

Furthermore, LabHost offered a menu of more than 170 fake websites that served as convincing phishing pages. Users would be able to choose from these pages and use them in their fraud campaigns.

Phishing domains

But perhaps the most destructive part of LabHost’s operation is its integrated campaign management tool, LabRat. This tool, Europol explains, allowed cybercriminals to monitor and control their attack campaigns in real time. With LabRat, they were able to grab multi-factor authentication (MFA) codes, passwords, and other login credentials, successfully bypassing even the most sophisticated security measures.

During the operation, law enforcement operatives searched 70 addresses and arrested 37 suspects. Among those are four individuals in the United Kingdom, who are accused of running the site and developing the service. The UK’s London Metropolitan Police led the operation, with the support of Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT).

The investigation uncovered at least 40 000 phishing domains linked to LabHost, Europol said, adding that these had roughly 10 000 users worldwide.

Besides Europol and the UK police, other agencies participated in the operation, including those from Australia, Austria, Belgium, Finland, Ireland, The Netherlands, New Zealand, Lithuania, Malta, Poland, Portugal, Romania, Spain, Sweden, the US, Czech Republic, Estonia, and Canada. 

Europol did not unveil the identities of the arrested individuals, but it did say that it gathered a “vast amount” of data throughout the investigation.

“This data will be used to support ongoing international operational activities focused on targeting the malicious users of this phishing platform.”

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.