Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide.
A major international operation, led by the UK's Metropolitan Police, has seized control of LabHost, which has been helping cybercriminals create phishing websites since 2021 to steal sensitive information like passwords, email addresses, and bank details.
LabHost has helped criminals create over 40,000 fraudulent websites and steal data from over 70,000 victims in the UK alone. Scammers used the service to steal vast amounts of information, including 480,000 card numbers, 64,000 PINs, and over one million passwords.
By the start of 2024, LabHost had over 2,000 registered users paying a monthly subscription fee. Those with "worldwide membership" could target victims internationally, at a charge of £200 to £300 per month.
37 suspects have been arrested across the UK and by international law enforcement agencies, including at Manchester and Luton airports, London, and Essex. In addition, over 70 addresses in the UK and worldwide have been searched.
Yesterday, LabHost and its associated fraudulent sites were replaced with a police announcement that they had been seized.
Meanwhile, about 25,000 UK-based victims who have been identified are due to receive text messages warning them about potential fraud and advising them to visit a Metropolitan Police website for guidance.
Meanwhile, in a stylish move by police, hundreds of LabHost service criminals have been emailed a personalised "LabHost Wrapped" video, signaling that police know their identities and activities. The aim is to undermine their confidence and deter future use of such services in future.
Seems to me that a new role has emerged for those who want a career in cybersecurity: Cybercriminal Troll.
— Graham Cluley (@gcluley) April 18, 2024
Police around the world are making videos to scare the bejeezus out of scammers and hackers, revealing in a jaunty way how they are about to be busted.
Nice one… pic.twitter.com/Ovql1Y0lEr
"You are more likely to be a victim of fraud than any other crime," said Metropolitan Police Deputy Commissioner Dame Lynne Owens. "Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing. But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source."
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.
Learn More About LabHost
Fortra has been monitoring malicious activity targeting Canadian banks conducted by LabHost the past couple of years.