November 13, 2023 at 01:06AM
Malaysian law enforcement, with assistance from the Australian Federal Police and the U.S. Federal Bureau of Investigation, has shut down the phishing-as-a-service operation BulletProofLink. Eight individuals have been arrested and authorities seized servers, computers, jewelry, vehicles, and cryptocurrency wallets. BulletProofLink provided phishing templates to other actors, mimicking login pages of well-known services. The operation is associated with AnthraxBP, also known as TheGreenMY and AnthraxLinkers. It had around 8,138 active clients and used Evilginx2 for adversary-in-the-middle attacks.
Meeting Notes Summary:
– Malaysian law enforcement authorities announced the takedown of a phishing-as-a-service operation called BulletProofLink.
– The operation was based in Malaysia and involved assistance from the Australian Federal Police and the U.S. Federal Bureau of Investigation.
– Eight individuals, including the syndicate’s mastermind, were arrested in various locations in Malaysia.
– Authorities confiscated servers, computers, jewelry, vehicles, and cryptocurrency wallets amounting to approximately $213,000.
– BulletProofLink provided phishing templates on a subscription basis, mimicking login pages of well-known services.
– The operation engaged in double theft, sending stolen credentials to both customers and core developers for monetization.
– The threat actor associated with BulletProofLink operated on multiple underground forums and Telegram channels.
– BulletProofLink is estimated to have had over 8,000 active clients and 327 phishing page templates.
– The operation utilized Evilginx2 for adversary-in-the-middle attacks, allowing access to session cookies and bypassing multi-factor authentication.
– Threat actors are now employing intermediary links to bypass email security mitigations.
– In a separate case, a drug trafficking platform called Monopoly Market on the dark web was taken offline, and its operator pleaded guilty to drug trafficking charges.
Please note that this summary is based on the provided meeting notes and may not include all relevant details.