Security News Police takes down BulletProftLink large-scale phishing provider

Gandalf_The_Grey

Level 75
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,437
The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced.

The operation started in 2015 but came to researchers' radar later and became more active since 2018 and had thousands of subscribers, some of them paying for access to batches of credential logs.

PhaaS platforms provide cybercriminals with tools and resources to carry out phishing attacks through “ready-to-use” kits and templates, page hosting, customization options, credential harvesting, and reverse proxying tools.

The BulletProftLink operation has been documented before. In 2020, a cybersecurity expert Gabor Szathmari detailed in a three-part series of open-source intelligence research [1, 2, 3] how he linked with high confidence the operator of the service to a Malaysian national living a life of luxury.

A Microsoft report in September 2021 warned about the high volume of phishing attacks it could facilitate and the large number of templates available to buyers. The service also collected all credentials its subscribers (1,618 at the time) stole in phishing attacks.
 

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,123
The Royal Malaysian Police have announced the takedown of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. This platform provided cybercriminals with more than 300 phishing templates, making it easier for them to carry out phishing attacks. The operation started in 2015, but it gained more attention from researchers in recent years and became more active since 2018. It had thousands of subscribers, some of whom paid for access to batches of credential logs.

PhaaS platforms like BulletProftLink offer cybercriminals a range of tools and resources to conduct phishing attacks. These include ready-to-use kits and templates, page hosting, customization options, credential harvesting, and reverse proxying tools. By providing these resources, PhaaS platforms make it easier for cybercriminals to carry out phishing attacks, which can lead to the theft of sensitive information such as login credentials and financial data.

The BulletProftLink operation has been previously documented by cybersecurity expert Gabor Szathmari. In a three-part series of open-source intelligence research, he linked the operator of the service to a Malaysian national living a luxurious lifestyle. This highlights the global nature of cybercrime and the need for international cooperation to combat such activities.

A Microsoft report in September 2021 also warned about the high volume of phishing attacks that could be facilitated by BulletProftLink and the large number of templates available to buyers. The service even collected all the credentials stolen by its subscribers through phishing attacks, which numbered 1,618 at the time of the report.

The takedown of BulletProftLink is a significant achievement in the fight against cybercrime. It disrupts a major phishing-as-a-service operation and sends a strong message to other cybercriminals. However, it is important to remain vigilant as new platforms and techniques will likely emerge to fill the void left by BulletProftLink. Continued collaboration between law enforcement agencies, cybersecurity experts, and technology companies is crucial to staying one step ahead of cybercriminals and protecting individuals and organizations from phishing attacks.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top