![[The AI Show Episode 145]: OpenAI Releases o3 and o4-mini, AI Is Causing “Quiet Layoffs,” Executive Order on Youth AI Education & GPT-4o’s Controversial Update](https://www.marketingaiinstitute.com/hubfs/ep%20145%20cover.png)
![Google Home app fixes bug that repeatedly asked to ‘Set up Nest Cam features’ for Nest Hub Max [U]](https://i0.wp.com/9to5google.com/wp-content/uploads/sites/4/2022/08/youtube-premium-music-nest-hub-max.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1)
![Epic Games Wins Major Victory as Apple is Ordered to Comply With App Store Anti-Steering Injunction [Updated]](https://images.macrumors.com/t/Z4nU2dRocDnr4NPvf-sGNedmPGA=/2250x/article-new/2022/01/iOS-App-Store-General-Feature-JoeBlue.jpg)
42,000 Phishing Domains Linked to the LabHost PhaaS Service Disclosed by FBI
The FBI has released a comprehensive list of 42,000 phishing domains connected to the dismantled LabHost phishing-as-a-service (PhaaS) platform. This disclosure aims to provide cybersecurity professionals with valuable intelligence on one of the world’s largest phishing operations that targeted millions of victims before its takedown in April 2024. LabHost, which operated between November 2021 and […] The post 42,000 Phishing Domains Linked to the LabHost PhaaS Service Disclosed by FBI appeared first on Cyber Security News.
The FBI has released a comprehensive list of 42,000 phishing domains connected to the dismantled LabHost phishing-as-a-service (PhaaS) platform.
This disclosure aims to provide cybersecurity professionals with valuable intelligence on one of the world’s largest phishing operations that targeted millions of victims before its takedown in April 2024.
LabHost, which operated between November 2021 and April 2024, was a sophisticated PhaaS platform that provided cybercriminals with tools to create convincing phishing websites impersonating more than 200 legitimate organizations.
These included major banks, government institutions, postal services, and online streaming platforms. The service was used by approximately 10,000 cybercriminals worldwide who paid monthly subscription fees ranging from $179 to $300.
42,000 Phishing Domains Disclosed by FBI
“The platform enabled cyber criminals to impersonate more than 200 organizations, including major banks and government institutions, in an effort to collect personal information and banking credentials from unsuspecting victims worldwide,” the FBI stated in its report.
The bureau obtained the domain names and creation dates directly from LabHost’s backend servers following the platform’s dismantling.
What made LabHost particularly dangerous was its comprehensive suite of services. The platform offered infrastructure configuration, customized phishing page creation, adversary-in-the-middle proxy connections to bypass two-factor authentication, SMS smishing capabilities, and stolen credential management. A core feature called “LabRat” allowed criminals to monitor phishing attacks in real-time and intercept authentication codes.
The scale of LabHost’s operation was staggering. According to the FBI, the platform’s infrastructure stored over one million user credentials and nearly 500,000 compromised credit cards, enabling financial theft, fraud schemes, and money laundering. These stolen credentials impacted over a million victims globally.
LabHost was taken down in April 2024 following a year-long international investigation coordinated by Europol and involving law enforcement agencies from 19 countries. The operation resulted in 70 searches across the globe and 37 arrests, including four key LabHost operators in the United Kingdom.
The FBI emphasized that while these domains are historical in nature and may not currently be active for malicious purposes, the list provides valuable insight for network defenders and cyber threat intelligence personnel on adversary tactics and techniques.
“Historical research that identifies connections to any of these domains should prompt additional response and follow-up with the impacted user(s),” the FBI advised.
The full list of domain names is available at the FBI’s Internet Crime Complaint Center website. Organizations that identify activity related to these indicators are encouraged to take immediate action to mitigate potential impacts and prepare for incident response.
This release represents a significant resource for the cybersecurity community in its ongoing battle against phishing threats, providing tangible indicators from one of the most sophisticated phishing operations in recent years.
Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.
The post 42,000 Phishing Domains Linked to the LabHost PhaaS Service Disclosed by FBI appeared first on Cyber Security News.
