In a collaborative operation between Interpol and cybersecurity firms, the notorious 16shop phishing-as-a-service (PhaaS) platform has been dismantled, resulting in the arrest of its operator and two facilitators.
Phishing-as-a-service platforms offer an all-in-one solution for cybercriminals to carry out phishing attacks, providing tools like email distribution, ready-made phishing kits, hosting, and victim overview dashboards. Group-IB, assisting Interpol, revealed that 16shop had targeted major brands like Apple, PayPal, and Amazon, creating 150,000 phishing pages that compromised around 70,000 users from various countries.
Furthermore, these platforms pose a significant risk by simplifying phishing attacks, allowing inexperienced cybercriminals to initiate campaigns with ease. The successful takedown of 16shop marks a significant achievement in the battle against cybercrime, illustrating the importance of global cooperation in combating online threats.
The 21-year-old platform operator was apprehended in Indonesia, while two facilitators were arrested in Japan and Indonesia respectively, showcasing the effectiveness of the joint operation. Interpol, supported by private sector partners, managed to identify and locate the platform’s administrator, leading to the shutdown of the platform responsible for stealing personal information, account credentials, credit card numbers, and more.
