LabHost, a Phishing as a Service (PhaaS) platform, has emerged as a significant threat to North American banks, with a particular focus on financial institutions in Canada.
This surge in activity has led to a notable increase in phishing attacks targeting Canadian bank customers.
Rising Popularity of LabHost
Phishing campaigns are everywhere, and LabHost proves that the attacks are not stopping soon. In North America, particularly in Canada, these activities often target banks.
While LabHost is not a newcomer to the scene, its popularity skyrocketed after introducing custom phishing kits tailored for Canadian banks in the first half of 2023.
According to reports from Fortra, LabHost has surpassed its predecessor, Frappo, becoming the primary driver behind most phishing attacks targeting Canadian banks.
Despite experiencing a disruptive outage in early October 2023, LabHost swiftly restored its operations to notable levels, facilitating several hundred attacks per month.
Related Article: Blackcat Ransomware Gang Sparks Outage at United Health's Tech Unit: Here's How It Started
Exploring LabHost's Offerings
LabHost offers three membership tiers: Standard, Premium, and World, priced at $179/month, $249/month, and $300/month, respectively.
Each tier caters to different geographic regions, with the Standard tier focusing on Canadian banks, the Premium tier including U.S. banks, and the World tier targeting institutions worldwide, excluding North America.
In addition to phishing kits for banks, LabHost provides templates for phishing pages targeting various online services, postal delivery companies like DHL, and regional telecommunication service providers. This diverse range of templates empowers cybercriminals to launch customized attacks quickly.
Advanced Features and Tools
One of LabHost's prominent features is its integration with "LabRat," a real-time phishing management tool. LabRat allows cybercriminals to monitor and control active phishing attacks, stealing two-factor authentication (2FA) codes and bypassing additional security measures.
Furthermore, LabHost introduced a new SMS spamming tool called "LabSend" following the October disruption, Bleeping Computer reports. LabSend automates smishing campaigns by embedding links to LabHost phishing pages in SMS messages, with randomized text to evade detection of malicious spam messages.
"After sending an SMS lure, LabSend will auto reply to victims' responses using customizable message templates," Fortra says.
Phishing Attacks Are Nuisance
The proliferation of PhaaS platforms like LabHost poses a significant challenge to cybersecurity. These platforms democratize cybercrime, making it accessible to unskilled hackers and expanding the pool of threat actors.
Notable PhaaS platforms like 'Greatness' and "Robin Banks" have also garnered attention for their sophisticated features, including multi-factor authentication (MFA) bypassing and custom phishing kits.
The rise of LabHost underscores the importance of robust cybersecurity measures to combat evolving threats in the digital landscape.
Cybercriminals are expected to continue to exploit vulnerabilities, so for the part of organizations, extreme vigilance and proactive measures are needed to shield themselves from these pesky attacks.
Earlier this year, authorities shut down over 1,300 cybercrime servers globally. Spearheaded by Operation Synergia, the operation successfully thwarted the hackers from launching ransomware, malware, and other forms of campaigns.
