Police have searched premises in Auckland with warrants, as part of an international operation coordinated by Europol against the LabHost phishing-as-a-service platform.
Three unnamed suspected LabHost users in New Zealand have been identified, Police said. A number of computers and electronic devices were seized along with documents.
The three suspected LabHost users have been arrested, but their identities have not yet been revealed.
Detective Sergeant Richard Briscoe said LabHost enabled users of the platform to operate phishing kit websites. These imitate actual websites, so as to trick victims of text phishing messages into entering banking and other online account credentials.
Across the Tasman, Home Affairs and Cybersecurity Minister Claire O'Neill said five Australians have been arrested as part of the operation, code-named Camperdown.
Big news in the cyber world: Five Australians have been arrested and 32 overseas, following an international police takedown of LabHost involving law enforcement agencies from across the world including the @AusFedPolice. pic.twitter.com/nrQpnOzecG
— Clare O'Neil MP (@ClareONeilMP) April 18, 2024
LabHost, also known as LabRat after the management tool used to capture two-factor authentication is one of many PhaaS providers. Security vendor Trend Micro said LabHost was one of the most popular in the digital crime market.
Users would pay between US$179 to US$300 a month, in Bitcoin, and the criminal operation saw over 2000 users since 2021, the UK Metropolitan Police said.
So far, 37 suspects have been arrested worldwide, with 70 addresses being searched.
Over 40,000 fraudulent sites have been created and the LabHost operators are said to have earnt US$1.173 million from its users. Tens of thousands of victims have fallen prey to LabHost criminals, police said.
Europol said the operation was run by people in Britain, with four being detained there.
2 Comments
Glad they got these dudes, the people vulnerable to these types of scams seem to be largely older generations who seem to just trust a text message or email that asks them to log in to a bank account. Makes me sick reading about pensioners taken for tens of thousands.
The people who sell these guys dozens of prepaid SIM cards each week need to face some kind of liability as well.
Sadly it was also much of the younger generation that were more likely targets. Hopeful enthusiasm (instead of cynicism) and a larger amount of mobile and online use is more traits of the younger gen and sadly that makes them more of an easy target. Also a lack of understanding into what necessitates a valid business operating in NZ, and reasonable information requests. Older folks might prefer and look for the bricks and mortar aspect; they often use the more accessible means of trading (which means they often don't have contact with phishers as much). But phishing attacks offering "helpful online service access" for those who prefer online services to physical, SM ads and influencers pushing scams, mobile contact from "investment" "companies" pushing sure wins etc affects the younger gens more. Especially those that have less mathematical, literacy, financial, and critical thinking education. Yeah sadly NZ is becoming more of an easy target with each gen given the state of the school system & the degree of absolute belief in misinformation.
Many of the older gens don't have a email susceptible to attacks and often don't use mobile phones for banking as much. As much as people like to laugh at that that is also the practice of many security techs as the attack surface is reduced if you are not sharing out your main email as often, don't sign up for things that could leak data, and use less features on more locked down devices. It also helps to avoid SM marketing in general. Which in turn means the more advanced tech and online service avoidance you have, intentional & unintentional, the less likely you are to face a phishing attack. Desiring to always be on the cutting edge can mean you just end up cutting yourself, (as any beta tester with experience will be familiar with or the early adopters of new updates who are the beta testers).
We welcome your comments below. If you are not already registered, please register to comment.
Remember we welcome robust, respectful and insightful debate. We don't welcome abusive or defamatory comments and will de-register those repeatedly making such comments. Our current comment policy is here.