Notorious Phishing-as-a-Service Platform Shuttered

Cyber Security Threat Summary:
“A phishing-as-a-service (PaaS) platform which may have been responsible for over 150,000 phishing domains has been taken offline after an Interpol-led operation, the policing group said. Interpol teamed up with investigators in Indonesia, Japan and the US and industry partners the Cyber Defense Institute, Group-IB, Palo Alto Networks Unit 42, Trend Micro and Cybertoolbelt to make the arrests” (Info Security Magazine, 2023).

The Phishing operation called “16shop” sold phishing kits designed to easily setup phishing websites used to target Apple, PayPal, American Express, Amazon, and Cash App. Depending on the targeted brand, the kits would sell for $60-150. The tool can be used to display relevant content depending on the victim’s location and can steal payment details and credentials in eight languages. Victims hailed from Germany, Japan, France, the USA, the UK, Thailand and elsewhere.

Security Officer Comments:
Interpol says the 16shop kit helped cybercriminals defraud 70,000 victims in 43 countries. The takedown was the result on “intensive intelligence-sharing” between law enforcement and industry partners from various countries. The administrator of the PaaS website was also apprehended in Indonesia, local police arrested a 21 year old man, also seizing electronic items and several luxury vehicles in his possession. Two other suspects were arrested in Indonesia and Japan.