Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Phishing-as-a-service operation shut down in global operation

Indonesian authorities have arrested the operators of a US-hosted phishing-as-a-service (PaaS) operation after an investigation involving Interpol, the FBI, and the Japanese National Police Force.

user icon David Hollingworth
Fri, 11 Aug 2023
Phishing-as-a-service operation shut down in global operation
expand image

The PaaS platform, known as 16shop, sold phishing kits to individual hackers, who then sent emails to victims containing malicious PDF files or links, which in turn tricked victims into sharing personal details and credit card information.

Interpol’s cyber crime division first noticed the operation while investigating cyber crime in the Association of South-East Asian Nations (ASEAN) region. Working with an array of private sector partners – including Group-IB, Palo Alto Networks’ Unit 42 and Trend Micro, among others – Interpol’s investigators were able to trace the identity of the service’s operator and his location in Indonesia.

In the meantime, since the operation was hosted on US servers, the FBI and Interpol’s National Central Bureau in Washington were able to secure more information for Indonesian authorities.

============
============

With this information, Indonesian police, working with the Indonesian National Police’s Directorate of Cyber Crimes, were able to arrest a 21-year-old man. A number of luxury cars and electronic items were seized.

Following this arrest, and the discovery of more information, Japanese police were able to make two more arrests linked to the phishing operation.

“Phishing isn’t a new phenomenon, but when the crime-ware is being offered widely on subscription and to automate phishing campaigns, it enables any person to leverage this type of service to launch a phishing attack with a few clicks,” said Brigadier General Adi Vivid Agustiadi Bachtiar, director of the Indonesian National Police’s Cyber Crime Investigation, in a statement.

“This operation is only successful as we work closely with various stakeholders from the law enforcement community as well as the private sectors to uproot the root problem to stop the crime-ware being offered as a service and also stopping more people from falling victim to phishing attacks.”

Bernardo Pillot, Interpol’s assistant director of cyber crime operations, commented on the borderless nature of such crime.

“Cyber attacks such as phishing may be borderless and virtual in nature, but their impact on victims is real and devastating,” Pillot said.

“In recent years, we have seen an unprecedented increase in both the number of cyber threats and their sophistication, with attacks becoming more tailored as criminals aim for maximum impact, and maximum profit.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.