Five people have been taken into custody in Australia and 32 others overseas on suspicion of being as part of a cyber-crime platform used for credential theft.
A statement from the Australian Federal Police said 94,000 people in Australia were among those who had had their personal information stolen.
The operation, conducted across Australia and overseas and co-ordinated by Europol, executed 22 search warrants across five states: Victoria, Queensland, NSW, South Australia and Western Australia. The Australian part of the sting was called Operation Nebulae.
The platform, known as LabHost, was used to trick people into leaking personal information which was stolen through persistent phishing attacks.
{loadposition sam08}The raids were carried out by the AFP's Joint Policing Cybercrime Coordination Centre and arrested a man from Melbourne and one from Adelaide on suspicion of being users of the LabHost platform.
Police officers serving a warrant on one of the alleged offenders. Courtesy: AFP
Additionally, three Melbourne men were arrested by Victoria Police on alleged drug-related charges.
The AFP statement said LabHost had originated in Canada in 2021, targeting North America, and had expanded to the UK and Ireland, before going global. Australia was believed to be among its top three user countries.
LabHost was claimed to have more than 40,000 phishing domains and more than 10,000 global active cyber-criminals using its technology to exploit victims.
LabHost cost about $270 per month and, in exchange, provided complete "phishing kits", including infrastructure to host phishing websites, email and text content generation and campaign overview services.
AFP acting assistant commissioner Cyber Command Chris Goldsmid said: “LabHost alone had the potential to cause $28 million in harm to Australians through the sale of stolen credentials.
“In addition to financial losses, victims of phishing attacks are subject to ongoing security risks and criminal offending, including identity take-overs, extortion and blackmail.
“LabHost is yet another example of the borderless nature of cyber crime and the takedown reinforces the powerful outcomes that can be achieved through a united, global law enforcement front.
“Australians who have used LabHost to steal data should not expect to remain anonymous. Authorities have obtained a vast amount of evidence during this investigation and we are working to identify anyone who has used this platform to target innocent victims.”