LabHost’s phishing-as-a-service platform was disrupted by a law enforcement crackdown.

One of the largest phishing-as-a-service platforms, LabHost, was severely disrupted by law enforcement officials in 19 countries during a year-long operation that resulted in 37 arrests.

LabHost’s phishing-as-a-service platform was disrupted by a law enforcement crackdown.

According to a recent statement from Europol, those responsible for the LabHost Phishing as a Service (PhaaS) platform were arrested last month.

37 suspects were arrested during a three-day coordinated search, which disrupted the known service.

LabHost’s closure is a victory in the war against cyberattacks, as it is responsible for managing more than 40,000 domains used in phishing campaigns and has more than 10,000 threat actors subscribing to the service for an average annual cost of $249.

The platform presented 170 impersonated brand websites and praised the use of LabRat, a tool that Europol says is intended to capture two-factor authentication codes and credentials, allowing criminals to bypass security enhancements.

There is another angle to this story, one of perspective and caution. Today, there are additional PhaaS platforms offering similar services. The popularity of LabHost shows a growing market of threat actors willing and ready to initiate cyberattacks if they have the right resources.

As a result, it is highly likely that LabHost’s 10,000 “customers” will simply move to another platform and continue their attacks, forcing companies to be vigilant when interacting with email content that requires access to cloud-based applications such as Microsoft 365, among others.