Ukrainian law enforcement officials in coordination with authorities from the U.S. and Australia shut down one of the world’s largest phishing services named uPanel also known as U-Admin.
Officials believe that the toolkit was used to attack financial institutions in 11 countries, causing tens of millions of dollars in losses.
The Ukrainian attorney general’s office reported that a 39-year-old man from the Ternopil region was identified to have developed a phishing package and a special administrative panel for the service, which have targeted numerous banks located in Australia, Spain, the U.S., Italy, Chile, the Netherlands, Mexico, France, Switzerland, Germany, and the U.K.
Computer equipment, mobile phones, and hard drives were seized in raids during the course of the operation.
Security researcher Brian Krebs said that the raids were in connection with U-Admin, a phishing framework that makes use of fake web pages to pilfer victim credentials more efficiently.
It is estimated that more than 50% of all phishing attacks in 2019 in Australia were performed using the phishing toolkit.
It is believed that the hacker has sold his products to customers around the world via an online store in the dark web and also provided technical support during phishing attacks.
According to the Ukrainian police, over 200 active buyers of malicious software have been identified.
By using U-Admin, the customers can exfiltrate data entered by victims on compromised websites by injecting malicious code into the browser. The crimeware platform’s info-stealing capabilities also extended to capture two-factor authentication codes.
The hacker, who was arrested on charges of creating and distributing malicious software and breaking into computer networks would be imprisoned up to six years if found guilty.
Image Credit : Trend Micro