Summary: The FBI has published a list of 42,000 phishing domains associated with the dismantled LabHost cybercrime platform, which specialized in phishing-as-a-service (PhaaS) targeting banks. This initiative aims to enhance cybersecurity awareness and provide indicators of potential compromises due to significant historical data associated with these domains. Despite the takedown of LabHost, the domains may still hold value for security professionals in identifying past breaches and preventing future attacks.
Affected: LabHost cybercrime platform, U.S. and Canadian banks
Keypoints :
- LabHost was one of the largest PhaaS platforms, operational from 2021 to 2024, with over 10,000 global customers.
- Phishing kits were sold with advanced features, including 2FA-bypassing mechanisms and real-time management tools.
- The released domain list serves as a critical resource for security teams, aiding in breach detection and future attack mitigation efforts.
- Although the FBI cautions that the domains may contain errors and are historical, analyzing this data can enhance understanding of PhaaS patterns.