The US-FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. The published domains were registered between November 2021 and April 2024, the time of their seizure, and are being shared to increase awareness and provide indicators of compromise. LabHost was a major PhaaS platform that sold access to an extensive set of phishing kits targeting US and Canadian banks for be
phishing kits (2)
Last week Microsoft Security issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription and all the tools needed to conduct a campaign. The phishing-as-a-service, or PHaaS, model differs from the phishing kits that many gangs have used in that it is more expansive and handles many of the small details that could befuddle a less tech-savvy attacker.
"It's worth noting that some PhaaS groups may offer the whole deal - from template c
