{"id":21478,"date":"2024-04-19T16:32:44","date_gmt":"2024-04-19T16:32:44","guid":{"rendered":"https:\/\/gridinsoft.com\/blogs\/?p=21478"},"modified":"2024-09-20T17:08:41","modified_gmt":"2024-09-20T17:08:41","slug":"labhost-phishing-service-taken-down","status":"publish","type":"post","link":"https:\/\/gridinsoft.com\/blogs\/labhost-phishing-service-taken-down\/","title":{"rendered":"LabHost Phishing Service Taken Down by Police"},"content":{"rendered":"<p><strong>Authorities have seized the LabHost phishing service, accused of stealing personal information<\/strong> from victims worldwide. This service specialized in creating fake websites to harvest user data illegally. However, law enforcement agencies have taken down in a series of coordinated raids in several countries. LabHost reportedly accumulated data on nearly half a million credit cards and secured over a million passwords.<\/p>\n<h2>Police Operation Halts LabHost Phishing Service<\/h2>\n<p>In a sweeping international law enforcement operation, authorities have dismantled a notorious cybercrime syndicate. They arrested <strong>37 individuals<\/strong> linked to the LabHost <a href=\"https:\/\/gridinsoft.com\/phishing\">phishing service<\/a>. So, between April 14 and 17, a coordinated effort led by Europol resulted in the arrest of <strong>32 individuals<\/strong>. This included four individuals in the U.K. who were responsible for developing and running a service. Additionally, 70 addresses were searched worldwide as part of this operation.<\/p>\n<figure id=\"attachment_21496\" aria-describedby=\"caption-attachment-21496\" style=\"width: 1280px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost.webp\" alt=\"Seized website screenshot\" width=\"1280\" height=\"720\" class=\"size-full wp-image-21496\" title=\"\" srcset=\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost.webp 1280w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-300x169.webp 300w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-1024x576.webp 1024w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-768x432.webp 768w\" sizes=\"auto, (max-width: 1280px) 100vw, 1280px\" \/><figcaption id=\"caption-attachment-21496\" class=\"wp-caption-text\">Screenshot of LabHost&#8217;s seized website<\/figcaption><\/figure>\n<p>This global initiative, codenamed &#8220;Nebulae,&#8221; targeted a network accused of pilfering <a href=\"https:\/\/gridinsoft.com\/blogs\/personal-data-sensitive-data\/\">sensitive personal information<\/a> from countless victims worldwide. Thus, the Australian Joint Policing Cybercrime Coordination Centre (JPC3) <strong>has successfully taken down 207 servers<\/strong> that hosted phishing websites created through the LabHost service. The Metropolitan Police in the U.K. has also announced the arrest of four individuals involved in running the service&#8217;s website, along with the original developer of the platform.<\/p>\n<h2>What Is LabHost?<\/h2>\n<p>LabHost (<strong>lab-host[.]ru<\/strong>) is a service recognized as one of the most expansive Phishing-as-a-Service (PhaaS) operations. It specializes in crafting deceptive websites that mimic reputable banks and institutions to harvest user data illegally. Europol, spearheading the effort, <a href=\"https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/international-investigation-disrupts-phishing-service-platform-labhost\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">detailed that LabHost<\/a> offered its illicit services through two distinct packages\u2014a suite targeting brands primarily in the U.S. and Canada and a more global suite excluding these regions.<\/p>\n<figure id=\"attachment_21522\" aria-describedby=\"caption-attachment-21522\" style=\"width: 800px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" loading=\"lazy\" decoding=\"async\" src=\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-ui.webp\" alt=\"Labhost user interface screenshot\" width=\"1772\" height=\"1256\" class=\"size-full wp-image-21522\" title=\"\" srcset=\"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-ui.webp 1772w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-ui-300x213.webp 300w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-ui-1024x726.webp 1024w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-ui-768x544.webp 768w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-ui-1536x1089.webp 1536w, https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-ui-1568x1111.webp 1568w\" sizes=\"auto, (max-width: 1772px) 100vw, 1772px\" \/><figcaption id=\"caption-attachment-21522\" class=\"wp-caption-text\">Labhost user interface<\/figcaption><\/figure>\n<p>Subscription rates ranged <strong>from $179 to $300 per month<\/strong>, attracting <a href=\"https:\/\/gridinsoft.com\/hacker\">many cybercriminals<\/a> seeking to exploit unwary internet users. LabHost provided phishing kits for various services, including Spotify, postal and toll services, and even insurance providers. The platform simplified the phishing operation by managing the backend infrastructure, thus enabling criminals to launch attacks with minimal technical effort.<\/p>\n<h2>Financial Gains and Global Impact<\/h2>\n<p>The effectiveness of LabHost&#8217;s infrastructure was alarmingly evident in the number of its victims. <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/24\/d\/labhost-takedown.html\" rel=\"noopener noreferrer nofollow\" target=\"_blank\">According to Trend Micro<\/a>, <strong>over 164,000 individuals<\/strong> in Australia and the U.K. had been duped into submitting their details on these fraudulent pages. The phishing sites were sophisticated enough <a href=\"https:\/\/gridinsoft.com\/social-engineering\">to fool users<\/a> into entering sensitive information. Among others were credit card numbers, passwords, and even two-factor authentication codes.<\/p>\n<p>The U.K. Metropolitan Police highlighted the financial scale of this criminal enterprise, estimating that LabHost had amassed <strong>around \u00a31 million<\/strong> from its illegal activities. The service reportedly accumulated data on nearly half a million credit cards and secured over a million passwords.<\/p>\n<p style=\"padding-top:15px;padding-bottom:15px;\"><a href=\"\/download\/antimalware\" rel=\"nofollow\"><img loading=\"lazy\" loading=\"lazy\" decoding=\"async\" src=\"\/blogs\/wp-content\/uploads\/2022\/07\/env02.webp\" alt=\"LabHost Phishing Service Taken Down by Police\" width=\"798\" height=\"336\" class=\"aligncenter size-full\" title=\"\"><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Authorities have seized the LabHost phishing service, accused of stealing personal information from victims worldwide. This service specialized in creating fake websites to harvest user data illegally. However, law enforcement agencies have taken down in a series of coordinated raids in several countries. LabHost reportedly accumulated data on nearly half a million credit cards and [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":21530,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[15],"tags":[416,131],"class_list":{"0":"post-21478","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security-news","8":"tag-darknet","9":"tag-phishing"},"featured_image_src":"https:\/\/gridinsoft.com\/blogs\/wp-content\/uploads\/2024\/04\/labhost-2.webp","author_info":{"display_name":"Stephanie Adlam","author_link":"https:\/\/gridinsoft.com\/blogs\/author\/adlam\/"},"_links":{"self":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts\/21478","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/comments?post=21478"}],"version-history":[{"count":22,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts\/21478\/revisions"}],"predecessor-version":[{"id":27109,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/posts\/21478\/revisions\/27109"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/media\/21530"}],"wp:attachment":[{"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/media?parent=21478"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/categories?post=21478"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gridinsoft.com\/blogs\/wp-json\/wp\/v2\/tags?post=21478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}