Authorities take down phishing-as-a-service platform iServer
Europol and law enforcement agencies from Argentina, Chile, Colombia, Ecuador, Peru, and Spain have dismantled an international criminal network that was engaged in unlocking lost or stolen phones through a phishing platform called iServer.
Like other phishing-as-a-service platforms, iServer provided software that automated the process of creating phishing pages and was specifically developed for low-skilled cybercriminals and hackers.
Nevertheless, iServer wasn’t your typical phishing-as-a-service supplier. Its primary focus was to obtain device passwords and information, user credentials from cloud-based mobile platforms, and other personal information from stolen and locked mobile phones, including IMEI numbers, contact information, and other owner details.
The software offered means to create a phishing page that would resemble popular cloud-based mobile service platforms. Criminals would utilize phishing domains provided by iServer, or create their own to set up a phishing attack.
After selecting an attack scenario, iServer would create a phishing page and send out an SMS to the victim saying his smartphone was found. A malicious redirector link was used, pretending to identify the user’s identity. In reality it was nothing more than a sneaky way to collect a victim’s credentials, turn off Lost Mode and separate the device from the owner’s account.
Lastly, the stolen login credentials were passed on to the criminals who were in possession of stolen phones.
According to Europol, the iServer phishing-as-a-service platform was active for five years and was primarily used in North and South American countries, but also in Spanish-speaking regions in Europe. The platform has targeted over 1.2 million mobile phones and claimed approximately 483,000 victims.
Europol’s European Cybercrime Center (EC3) and Ameripol’s Specialised Cybercrime Centre coordinated an international operation that was named ‘Operation Kaerb’, which took place between 10 and 17 September. During the operation, 17 suspects were arrested, 28 properties were searched, and 921 items were seized, ranging from electronic devices and vehicles to weapons.
Europol recommends using antivirus software on all your devices and keeping the security software and operating systems up-to-date. In addition, users should create a unique password for all their online accounts. Finally, users should think twice before clicking a link or opening an attachment as this could be an attempt of criminals to obtain their credentials.
Your email address will not be published. Required fields are marked