February 27, 2024 at 02:23PM
The Phishing as a Service (PhaaS) platform ‘LabHost’ has become a major concern, aiding cybercriminals in targeting North American banks, particularly Canadian institutions. LabHost offers customizable phishing kits, infrastructure, and a real-time phishing management tool for a monthly fee. Their new SMS spamming tool, ‘LabSend,’ further extends their reach in conducting phishing attacks. This accessibility to cybercrime tools poses a significant threat to cybersecurity.
The meeting notes highlight the significant impact of the Phishing as a Service (PhaaS) platform ‘LabHost’ on cybercriminal activities, particularly targeting North American banks, with a focus on Canadian financial institutions.
LabHost’s surge in popularity was attributed to the introduction of custom phishing kits for Canadian banks in the first half of 2023, leading to it overtaking the previous favorite PhaaS platform, Frappo, and becoming the primary force behind phishing attacks targeting Canadian bank customers.
Despite experiencing a disruptive outage in early October 2023, LabHost has restored its activity to notable levels, carrying out several hundred attacks per month. Fortra’s observations and analysis revealed that LabHost offers three membership tiers catering to different geographical targets and includes phishing kits not only for banks but also for various online services and regional telecommunication providers.
Furthermore, LabHost provides cybercriminals with customization options and a real-time phishing management tool named LabRat, enabling them to conduct man-in-the-middle style attacks to steal 2FA protection on targeted accounts. Moreover, following the October disruption, LabHost introduced a new SMS spamming tool named ‘LabSend,’ intended to coordinate automated smishing campaigns across multiple sources to evade the detection of malicious spam messages.
Fortra’s analysis emphasizes that the proliferation of PhaaS platforms like LabHost, ‘Greatness’, and ‘Robin Banks’ has significantly expanded the pool of threat actors and impacted cybersecurity on a broader scale, reflecting the increasing accessibility of cybercrime even for unskilled hackers.
In conclusion, LabHost’s activities, tools, and impact underscore the need for vigilant monitoring and robust cybersecurity measures to mitigate the growing threats posed by PhaaS platforms.