The FBI has released a comprehensive list of 42,000 phishing domains connected to the dismantled LabHost phishing-as-a-service (PhaaS) platform. This disclosure aims to provide cybersecurity professionals with valuable intelligence on one of the world’s largest phishing operations that targeted millions of victims before its takedown in April 2024.

LabHost, which operated between November 2021 and April 2024, was a sophisticated PhaaS platform that provided cybercriminals with tools to create convincing phishing websites impersonating more than 200 legitimate organizations. “The platform enabled cyber criminals to impersonate more than 200 organizations, including major banks and government institutions, in an effort to collect personal information and banking credentials from unsuspecting victims worldwide,” the FBI stated in its report.

The platform offered infrastructure configuration, customized phishing page creation, adversary-in-the-middle proxy connections to bypass two-factor authentication, SMS smishing capabilities, and stolen credential management. A core feature called “LabRat” allowed criminals to monitor phishing attacks in real time and intercept authentication codes.

The FBI emphasized that while these domains are historical in nature and may not currently be active for malicious purposes, the list provides valuable insight for network defenders and cyber threat intelligence personnel on adversary tactics and techniques. This release represents a significant resource for the cybersecurity community in its ongoing battle against phishing threats, providing tangible indicators from one of the most sophisticated phishing operations in recent years.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 30 Apr 2025 16:30:06 +0000