LabHost, a notorious platform that fueled large-scale phishing attacks against individuals and financial institutions, has been dismantled following a year-long international investigation.
The coordinated operation, spearheaded by the London Metropolitan Police and supported by Europol, resulted in the seizure of LabHost’s infrastructure and arrests across 19 countries.
LabHost: A Toolkit for Cybercriminals
LabHost operated as a phishing-as-a-service (PhaaS) platform, offering a subscription-based model for launching sophisticated attacks. For a monthly fee, users gained access to phishing kits, customizable fake websites designed to mimic legitimate institutions and real-time attack monitoring tools. Law enforcement uncovered over 40,000 phishing domains linked to the platform.
The ‘LabRat’ campaign management tool was a particularly dangerous feature, allowing cybercriminals to capture sensitive user data and circumvent security measures like two-factor authentication.
