Two men have been arrested in Ireland as part of a major international policing operation targeting a platform used to carry out organized ‘smishing’ and ‘phishing’ fraud.
'Phishing' relates to the sending of fraudulent emails, where the recipient is tricked into installing harmful software such as malware on their device, or into handing over sensitive information like a password or PIN number, banking details or other information. ‘Smishing’ is the text message equivalent.
Operation Stargrew is a Europol investigation into a web-based platform called ‘LabHost’ which provides a range of illicit services to criminals enabling them to carry out cyberfraud.
According to Europol, those who join the platform use cryptocurrency to rent a cloud-based server for the purposes of creating a fake copy of a genuine company’s website.
The user then receives a URL for this phony website that can be included in scam emails and texts which can be sent to thousands of targets at once via bulk-messaging bots. The The site has now been taken offline, replaced by a Europol seizure notice.
On Wednesday, officers from the Garda National Economic Crime Bureau (GNECB), with assistance from gardaí at the Armed Support Unit, Garda National Cyber Crime Bureau, Garda National Immigration Bureau, Garda Dog Unit, gardaí seconded to the Special Investigation Unit at the Department of Social Protection, the Criminal Assets Bureau (CAB), and local units in the DMR West and DMR South Divisions, carried out searches at 12 properties across Dublin, Waterford, and Kildare.
During these searches, €42,000 in cash, €10,000 in cryptocurrency, 82 smartphones, 25 computers, 9 tablet devices, and a Rolex watch were seized. Two men were subsequently arrested, one of whom has been charged to appear before the courts at a later date.
Gardaí believe that around 116 users of the LabHost platform have a connection to Ireland. They have also identified more than 150,000 instances of people responding to phishing/smishing links associated with these individuals. These 116 LabHost users primarily targeted people here, though some are understood to have also targeted people in the UK, Australia, New Zealand, Austria, Norway, Estonia, Finland, and other countries.
Overall, police from 19 different law enforcements agencies around the world have searched 70 addresses and arrested 37 people as part of Operation Stargew. Four people arrested by police in the UK are believed to have been the ones running the LabHost site.
“Platforms such as LabHost make cybercrime more easily accessible for unskilled hackers, significantly expanding the pool of threat actors,” a Europol spokesperson said.
“Yet, however user-friendly the service portrays itself to be, its malicious use constitutes an illegal activity – and the penalties can be severe.
“A vast amount of data gathered throughout the investigation is now in the possession of law enforcement. This data will be used to support ongoing international operational activities focused on targeting the malicious users of this phishing platform.”