Back

FBI and Indonesia Dismantle $20M W3LL Phishing Kit Operation

Severity: High (Score: 68.0)

Sources: Hoodline, thehackernews.com, Fox5Atlanta

Summary

The FBI Atlanta Field Office, in collaboration with Indonesian law enforcement, has dismantled a significant phishing operation linked to over $20 million in attempted fraud. The operation utilized the W3LL phishing kit, which allowed cybercriminals to create fake login pages that captured users' credentials. The kit was sold for $500 and facilitated the theft of thousands of account credentials through a marketplace known as W3LLSTORE. Between 2019 and 2023, this platform enabled the sale of over 25,000 compromised accounts. Authorities have detained an alleged developer identified only as G.L. The phishing kit employed adversary-in-the-middle techniques to bypass multi-factor authentication, affecting numerous Microsoft 365 accounts. The FBI has emphasized the importance of international cooperation in combating such cybercrime. The takedown marks a significant step in disrupting phishing-as-a-service networks. Key Points: • FBI and Indonesian authorities dismantled a phishing operation linked to $20M in fraud. • The W3LL phishing kit allowed attackers to bypass multi-factor authentication. • The operation sold over 25,000 compromised accounts through an online marketplace.

Key Entities

  • Phishing (attack_type)
  • Indonesia (country)
  • United States (country)
  • T1566 - Phishing (mitre_attack)
  • Microsoft 365 (platform)
  • W3LL (tool)
  • W3LL Phishing Kit (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed