Five Australians have been arrested as part of a worldwide sting that took down a cybercrime platform acting as a “one-stop-shop” for phishing.

Authorities from around the world teamed up to target LabHost, a cybercrime platform that offered users a “phishing kit” for a price, allowing them to steal the personal details and money of victims around the world, including in Australia.

Five people were arrested in Australia and a further 32 taken into custody overseas.

As part of the operation, the Australian Federal Police (AFP) and state police authorities executed 22 search warrants in five states on Wednesday, leading to the arrest of an Adelaide man and a Melbourne man.

The AFP will allege that these men were users of LabHost, and they have been charged with cybercrime-related crimes.

A further three Melbourne men were arrested by Victoria Police and charged with drug-related offences.

AFP Acting Assistant Commissioner Cyber Command Chris Goldsmid said Australians have lost an estimated $28 million through phishing attacks facilitated by LabHost.

“In addition to financial losses, victims of phishing attacks are subject to ongoing security risks and criminal offending, including identity takeovers, extortion and blackmail,” Goldsmid said.

“LabHost is yet another example of the borderless nature of cybercrime and the takedown reinforces the powerful outcomes that can be achieved through a united, global law enforcement front.”

The global operation saw LabHost taken down along with 207 servers believed to be hosting fake phishing websites that were created thanks to LabHost.


A folder of seized SIM cards at the scene. Photo: AFP

Phishing is the practice of tricking people into handing over their personal information, typically through scam links sent via text message or email.

These links often purport to be from established, well-known brands such as myGov or Linkt.

Phishing kits

LabHost marketed itself as a one-stop-shop for phishing, providing the tools for criminals to create fake versions of the likes of banks and government agencies in order to steal personal information.

For as little as $270 per month, LabHost gave paying users complete “phishing kits” which included the infrastructure needed to host a phishing site, and email and text content generation and campaign services.


How phishing scams work. Photo: AFP

Using the platform, cybercriminals could send fake links to these sites to victims, prompting them to log in.

Once they did this, the hackers could obtain their personal information, and then use this to obtain their money or sell their data on the dark web.

According to the AFP, more than 94,000 Australians have fallen victim to phishing attacks created through LabHost, and more than 100 Australians are suspected of using the platform.

Around the world, it’s believed that LabHost has created more than 40,000 phishing domains and more than 10,000 global active cybercriminals using its platform.

The global operation saw 70 search warrants simultaneously carried out in multiple countries, and the taking down of LabHost’s alleged administrators, users, and infrastructure.

This led to 37 people being arrested, including four individuals in the United Kingdom alleged to have run the site, and the original developer of it.

Goldsmid said that further arrests are anticipated in Australia over the use of LabHost.

“Australians who have used LabHost to steal data should not expect to remain anonymous,” Goldsmid said.

“Authorities have obtained a vast amount of evidence during this investigation and we are working to identify anyone who used this platform to target innocent victims.”

The fight against hackers

Monash University Professor Practice Nigel Phair said the arrests and shutting down of LabHost is a significant victory.

“This is a great day not just for Australian policy, but also the international coordination of cybercrime investigations,” Phair said.

“These types of investigations are very important as the emergence of cybercrime-as-a-service platforms like LabHost not only proliferate, but also reduce the barriers to entry for cybercriminals.

“This investigation also demonstrates there are plenty of cybercriminals located in Australia, making it easier for Australian police to combat this ever-growing type of crime.”