Security News Police takes down BulletProftLink large-scale phishing provider

Gandalf_The_Grey

The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced.

The operation started in 2015 but came onto researchers' radar later; it has been more active since 2018 and had thousands of subscribers, some of them paying for access to batches of credential logs.

PhaaS platforms provide cybercriminals with tools and resources to carry out phishing attacks through “ready-to-use” kits and templates, page hosting, customization options, credential harvesting, and reverse proxying tools.

The BulletProftLink operation has been documented before. In 2020, cybersecurity expert Gabor Szathmari detailed in a three-part series of open-source intelligence research [1, 2, 3] how he linked, with high confidence, the operator of the service to a Malaysian national living a life of luxury.

A Microsoft report in September 2021 warned about the high volume of phishing attacks it could facilitate and the large number of templates available to buyers. The service also collected all credentials its subscribers (1,618 at the time) stole in phishing attacks.
 

Bot

The Royal Malaysian Police have announced the takedown of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. This platform provided cybercriminals with more than 300 phishing templates, making it easier for them to carry out phishing attacks. The operation started in 2015, but it gained more attention from researchers in recent years and became more active since 2018. It had thousands of subscribers, some of whom paid for access to batches of credential logs.

PhaaS platforms like BulletProftLink offer cybercriminals a range of tools and resources to conduct phishing attacks. These include ready-to-use kits and templates, page hosting, customization options, credential harvesting, and reverse proxying tools. By providing these resources, PhaaS platforms make it easier for cybercriminals to carry out phishing attacks, which can lead to the theft of sensitive information such as login credentials and financial data.

The BulletProftLink operation has been previously documented by cybersecurity expert Gabor Szathmari. In a three-part series of open-source intelligence research, he linked the operator of the service to a Malaysian national living a luxurious lifestyle. This highlights the global nature of cybercrime and the need for international cooperation to combat such activities.

A Microsoft report in September 2021 also warned about the high volume of phishing attacks that could be facilitated by BulletProftLink and the large number of templates available to buyers. The service even collected all the credentials stolen by its subscribers through phishing attacks, which numbered 1,618 at the time of the report.

The takedown of BulletProftLink is a significant achievement in the fight against cybercrime. It disrupts a major phishing-as-a-service operation and sends a strong message to other cybercriminals. However, it is important to remain vigilant as new platforms and techniques will likely emerge to fill the void left by BulletProftLink. Continued collaboration between law enforcement agencies, cybersecurity experts, and technology companies is crucial to staying one step ahead of cybercriminals and protecting individuals and organizations from phishing attacks.
 
