Law enforcement, including the FBI and Indonesian police, dismantled the W3LL phishing platform, seized infrastructure and domains, and arrested the alleged developer. The W3LL kit and its W3LLSTORE marketplace enabled buyers to create MFA-bypassing fake login portals, sell thousands of compromised accounts, and facilitate over $20 million in attempted fraud. #W3LL #W3LLSTORE
Keypoints
- FBI and Indonesian police seized W3LL infrastructure and arrested its alleged developer.
- W3LL sold customizable phishing kits for about $500 that created convincing fake login portals.
- Stolen credentials were used to bypass multifactor authentication and maintain unauthorized access.
- W3LLSTORE marketed thousands of compromised accounts for sale and enabled over $20 million in attempted fraud.
- Group-IB linked W3LL activity to attacks on more than 56,000 corporate Microsoft 365 accounts and a network of at least 500 threat actors.
Read More: https://therecord.media/phishing-takedown-indonesia-fbi