Group-IB helps dismantle Canadian PhaaS provider Labhost

Group-IB, a leading cybersecurity company aimed at investigating, preventing, and fight digital crime announced today that it participated in a coordinated global takedown operation against prominent Canadian Phishing-as-a-Service (PhaaS) provider LabHost, which has led to the arrest of 37 suspects across the United Kingdom and around the world by law enforcement agencies. As part of the operation, Group-IB also conducted an extensive analysis of LabHost’s criminal history and infrastructure, including insights into LabHost’s administrative platform and the services it provides to its purported user base which exceeds 2,000 subscribers worldwide, who illegally obtained around 480,000 card numbers, 64,000 pin numbers, and over 1 million passwords from victims used for websites and other online services, according to law enforcement agencies.

“By leveraging our Threat Intelligence and Digital Risk Protection, we are able to identify and monitor phishing attacks and websites like those deployed by LabHost and its subscribers around the world, enabling us to actively alert and protect our customers, and in turn, their customers as well. Today’s takedown operation demonstrates the agility and responsiveness of our decentralized Digital Crime Resistance Centers, and how quickly we can provide immediate and local assistance wherever our customers may be.”

Dmitry Volkov

CEO of Group-IB

The “membership plans” that target LabHost offers as part of its turn-key services.

First uncovered in late 2021, LabHost emerged as a fully automated Phishing-as-a-Service (PhaaS) platform, streamlining the creation of phishing websites meticulously mirroring the interface and functionality of prominent banking, postal, and financial entities, aimed at intercepting, seizing, and profiting from users’ personal, credit card, and online banking credentials. Users are prompted to select from various “membership plans,” tailored to target businesses and individuals in either the United States and Canada, or globally, akin to mobile subscription models. These plans encompass “standard,” “premium,” and “world membership” tiers, priced between US$179 and US$300 monthly, with options for monthly, quarterly, or annual billing cycles.

Screenshots of the “LabRat” console which enables cybercriminals to monitor its victims in real time and generate prompts that would direct their victims to provide sensitive information including two-factor authentication codes and other financial and personal details.

About Group-IB

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, citizens, and support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Group-IB’s decentralized and autonomous operational structure helps it offer tailored, comprehensive support services with a high level of expertise. We map and mitigate adversaries’ tactics in each region, delivering customized cybersecurity solutions tailored to risk profiles and requirements of various industries, including retail, healthcare, gambling, financial services, manufacturing, crypto, and more.

The company’s global security leaders work in synergy with some of the industry’s most advanced technologies to offer detection and response capabilities that eliminate cyber disruptions agilely.

Group-IB’s Unified Risk Platform (URP) underpins its conviction to build a secure and trusted cyber environment by utilizing intelligence-driven technology and agile expertise that completely detects and defends against all nuances of digital crime. The platform proactively protects organizations’ critical infrastructure from sophisticated attacks while continuously analyzing potentially dangerous behavior all over their network.

The comprehensive suite includes the world’s most trusted Threat Intelligence, The most complete Fraud Protection, AI-powered Digital Risk Protection, Multi-layered protection with Managed Extended Detection and Response (XDR), All-infrastructure Business Email Protection, and External Attack Surface Management.

Furthermore, Group-IB’s full-cycle incident response and investigation capabilities have consistently elevated industry standards. This includes the 77,000+ hours of cybersecurity incident response completed by our sector-leading DFIR Laboratory, more than 1,400 successful investigations completed by the High-Tech Crime Investigations Department, and round-the-clock efforts of CERT-GIB.

Time and again, its solutions and services have been revered by leading advisory and analyst agencies such as Aite Novarica, Gartner®, Forrester, Frost & Sullivan, KuppingerCole Analysts AG, and more.

Being an active partner in global investigations, Group-IB collaborates with international law enforcement organizations such as INTERPOL, EUROPOL and AFRIPOL to create a safer cyberspace. Group-IB is also a member of the Europol European Cybercrime Centre’s (EC3) Advisory Group on Internet Security, which was created to foster closer cooperation between Europol and its leading non-law enforcement partners.

Group-IB takes part in a global operation to cripple Canadian Phishing-as-a-Service provider LabHost