- FBI took down Chinese PhaaS ‘Outsider Enterprise’, seizing servers, $100,000 USDT and Telegram bot
- The service operated approximately 9,000 fake sites, over a million URLs, stealing 3.8 million credit cards and causing losses of $1.9 billion.
- Google filed civil suit, claims scammers sent 2.5 million fraudulent text messages in two weeks targeting Android users
The FB) took down a major Chinese phishing-as-a-service (PhaaS) operation called Outsider Enterprise.
In a statement, law enforcement said it seized several admin servers, a Shopify e-commerce storefront and an account that the attackers used to test PhaaS, primarily SMS-based lures.
The FBI also seized approximately $100,000 worth of USDT cryptocurrency, redirected thousands of phishing pages to an FBI classifieds site, and seized a Telegram bot used to store the stolen information.
Google files a complaint
Phishing-as-a-service is a model in which bad actors rent a kit that allows them to easily create fake login pages impersonating major brands, as well as send mass spam and text messages and exfiltrate stolen files.
The FBI says this particular PhaaS was very popular within the cybercriminal community. It was active for approximately three years and was used to generate approximately 9,000 fake websites, as well as at least one million fraudulent URLs. Hackers used this PhaaS to steal more than 3.8 million credit card statements, resulting in losses of approximately $1.9 billion.
This campaign was also followed by legal action from Google. The search engine giant has filed a civil suit against PhaaS infrastructure and is working with major telecommunications providers to block fraudulent messages before they reach their targets.
“Our civil suit targets an organized cybercrime operation known as ‘Outsider Enterprise.’ Based in China and coordinated through Telegram, this network distributes ‘phishing kits’ that allow criminals to launch fake SMS campaigns that appear to come from Google and other trusted brands,” Google said.
Google says that in just two weeks, scammers sent approximately 2.5 million fraudulent text messages to targets using Android devices. Users only reported 55,000 as fraudulent.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
