Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity NewsBanking/Finance/InsuranceGovernment: Federal, State and Local

Security leaders respond to disruption of LabHost, a fraud website

By Security Staff
Glowing police siren

Image via Unsplash

April 29, 2024

LabHost, a notable phishing-as-a-service platform, was disrupted by international investigations. LabHost is considered one of the world's largest fraud websites, offering phishing kits, hosting page infrastructure, campaign overview services and functionality for interacting with targets. Now, the website has been seized and shut down. The investigation has uncovered at least 40,000 phishing domains associated with LabHost and around 10,000 users globally. 

Security leaders weigh in 

Dr. Martin J. Kraemer, Security Awareness Advocate at KnowBe4:

“News like this is important when they hit the national media. These stories are timely reminders that cybercrime is omnipresent, and it would be foolish to assume that one could not be a target. Cybercrime gangs are becoming more common. Law enforcement must reduce the accessibility and attractiveness of online fraud schemes. We must put a stop to the increasing trend of cybercrime turning into an opportunity business for aspiring cyber criminals. Sending out videos to all 800 users of the illegal services to scare them off is therefore a good step by law enforcement.

“Taking down cybercrime networks is the way to go. Shutting down websites alone will obviously not stop people, but seizing their services, and resources, and arresting key people will have an effect.

“Phishing-as-a-service offerings like LabHost contribute to the massive growth of phishing scams worldwide. The quality of these offerings is remarkable. They include entire tool sets to harvest a range of private information including credit card information, multi-factor authentication, or address information. The platform also offered features such as email phishing, SMS phishing, and even management of stolen credentials. Criminals use such service offerings to target businesses and private individuals. Organizations must assume responsibility for empowering their workforce by educating them to make smarter security decisions.

“It is great to see international law enforcement collaborations in taking down cybercrime groups. This is another important step. The first big takedown that tackles phishing after the lockbit ransomware takedown earlier this year. Phishing is the most used attack vector and ransomware as the most common monetization scheme are two important areas to tackle. Law enforcement is clearly stepping up the game and rightly so.”

Malachi Walker, Security Advisor at DomainTools:

“The LabHost platform disruption is the latest in a series of efforts carried out by law enforcement to remove opportunities for and disincentivize malicious activity. In this case, the LabHost phishing-as-a-service platform was being used by malicious actors mainly to target banks and other organizations within the finance sector. Finance is commonly targeted with online sites and domains that spoof legitimate holdings, usually for credential harvesting or spear phishing. Malicious actors targeting the financial services sector range from low-capability crimeware affiliates to the most sophisticated state-sponsored groups.

“This takedown likely impacts the low-capability crimeware affiliates the most so while organizations in the financial sector should be encouraged, they should still be vigilant and engage in standard best practices to protect their organization. The 37 arrests including the original developer can likely be attributed to the law enforcement operation being cited as taking place over the year. The longer history a threat actor has, the more likely their operational security has failed or will fail at some point. Those footholds can shut entire cybercrime organizations down–and they're often based on seemingly innocuous domain registration and hosting decisions. Both of which are incredibly common among those launching phishing campaigns.”

Dr. Ilia Kolochenko, CEO at ImmuniWeb and Adjunct Professor of Cybersecurity at Capital Technology University:

“Modern cybercrime is an incredibly profitable business, while risks of being apprehended — for experienced and well-organized gangs — verge on zero. Eventually, cyber gangs are actively recruiting the youth, namely IT and cybersecurity students, who are happy to make some extra money without much effort.

Most of the newbies do not even realize that they break the law, as their tasks may be pretty innocent, such as designing websites or mobile applications. Some gangs go as far as hiring students on behalf of non-existent penetration testing companies and asking their new “employees” to find vulnerabilities on “client’s” websites.

Worst, duped students are arrested and prosecuted, while cybercrime moguls remain unpunished and continue multiplying their fortunes and hiring new instrumental evildoers. Law enforcement agencies and government should urgently consider investing in educational and awareness campaigns among all students to prevent cybercrime: arrests and criminal prosecution merely treat the symptom, while the disease is swiftly proliferating making more and more victims.”

KEYWORDS: cybercrime international crime International cyber security international investigations organized crime phishing security leaders

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Career Intelligence
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • The Keeper of the Plains statue

    Security leaders respond to ransomware attack on the city of Wichita

    See More
  • Text message screen

    Security leaders respond to a sophisticated SMS stealing campaign

    See More
  • American flag

    Security leaders respond to the dismissal of NSA director

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • school security.jpg

    School Security: How to Build and Strengthen a School Safety Program

See More Products

Events

View AllSubmit An Event
  • July 8, 2026

    The 2026 Security Maturity Benchmark Report: Insights From Senior Security Leaders

    ON DEMAND: In this webinar, speakers will share key insights from the 2026 Security Maturity Benchmark Report, including why today’s threat environment demands greater maturity and how to evaluate your organization’s current security posture.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing