Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • Met leads infiltration of fraud platform used by criminals worldwide

Security

Met leads infiltration of fraud platform used by criminals worldwide

A website used by more than 2,000 criminals to defraud victims worldwide has been infiltrated in the Met’s latest joint operation to tackle large-scale online fraud.



Image courtesy the Met

‘LabHost’ is a service which was set up in 2021 by a criminal cyber network. It enabled the creation of 'phishing' websites designed to trick victims into revealing personal information such as email addresses, passwords and bank details.

Users were able to log on and choose from existing sites or request bespoke pages replicating those of trusted brands including banks, healthcare agencies and postal services.

Advertisement
Cranfield

However, LabHost has now been infiltrated and disrupted as the result of a worldwide operation led by the Met.

Work began in June 2022 after detectives received crucial intelligence about LabHost’s activity from the Cyber Defence Alliance. Once the scale of site and the linked fraud became clear the Met’s Cyber Crime Unit joined forces with the National Crime Agency (NCA), City of London Police, Europol, Regional Organised Crime Units (ROCUs) across the country and other international police forces to take action.

Partners including Chainalysis, Intel 471, Microsoft, The Shadowserver Foundation and Trend Micro have also been at the centre of our efforts to bring down this platform.

Between Sunday, 14th April and Wednesday 17th April a total of 37 suspects were arrested across the UK and by international law enforcement agencies. This included arrests at both Manchester and Luton airports, as well as in Essex and London. Both in the UK and across the world over 70 addresses were searched.

On Wednesday, 17th April LabHost and its linked fraudulent sites were disrupted and existing information was replaced with a message stating law enforcement has seized the services.

History of the operation
After being set up in 2021, LabHost quickly gained a criminal user base. By the beginning of 2024 more than 40,000 fraudulent sites had been created and 2,000 users were registered and paying a monthly subscription fee. Those subscribing to the ‘worldwide membership’, meaning they could target victims internationally, paid between £200 and £300 a month.

Since creation LabHost has received just under £1 million ($1,173,000) in payments from criminal users, many of whom Met cyber-crime detectives have now been able to identify. Some have been arrested in this week’s activity, others are now the focus of the ongoing investigation and have been warned we’re now working to track them down.

Shortly after the platform was disrupted, 800 users received a message telling them we know who they are and what they’ve been doing. We’ve shown them we know how much they’ve paid to LabHost, how many different sites they’ve accessed and how many lines of data they’ve received. Many of these individuals will remain the focus of investigation over the coming weeks and months.

Detectives have so far established that just under 70,000 individual UK victims have entered their details into one of LabHost’s fraudulent sites. Globally, the service has obtained 480,000 card numbers, 64,000 PIN numbers, as well as more than one million passwords used for websites and other online services. The total number of victims is likely to be even higher than already established and work is ongoing to identify and support as many as possible.

As of Thursday 18th April detectives have contacted up to 25,000 victims in the UK to tell them their data has been compromised. Each and every one of those cases has been reported to both Action Fraud and UK Finance and every victim has been given advice about next steps and how to further protect their data. A team of officers from the Met will be stood up to provide personalised support to any victims who want further help and advice.

Latest step in targeting large-scale online fraud
This operation is the latest in a series of activity by law enforcement to tackle significant, international online fraud.

Policing and partners continue to meet the growing threat through increasingly joined up and sophisticated operations reaching across the globe.

In November 2022 the Met arrested more than 130 suspects as part of Operation Elaborate. An estimated 200,000 victims were targeted by a scam stealing millions from the public via fake bank phone calls.

In February 2024, the National Crime Agency led Operation Cronos which disrupted LockBit, the world’s most harmful cyber-crime group. LockBit ransomware attacks targeted thousands of victims around the world and caused billions of pounds worth of damage. The NCA infiltrated and took control of LockBit’s systems and dark website, compromising their entire operation. The Agency obtained thousands of decryption keys to help victims recover encrypted data.

Each operation focused on tackling a different type of online fraud, but at the heart was a platform being used by criminals who believed it was impenetrable by law enforcement.

Advertisement
Marshall RT 2

Dame Lynne Owens, Deputy Commissioner of the Metropolitan Police Service, said: “You are more likely to be a victim of fraud than any other crime. In addition to the financial impact, it undermines the public’s confidence in the tools and technology they need to use in daily life. Our collective approach should ensure suspects feel that same level of distrust in their own criminal environment.

“Online fraudsters think they can act with impunity. They believe they can hide behind digital identities and platforms such as LabHost and have absolute confidence these sites are impenetrable by policing.

“But this operation and others over the last year show how law enforcement worldwide can, and will, come together with one another and private sector partners to dismantle international fraud networks at source. Our approach is to be more precise and targeted with a clear focus on those enabling online fraud to be carried out on an international scale.”

Adrian Searle, Director of the National Economic Crime Centre (NECC) in the NCA, said: “Fraud is a terrible crime that impacts victims both financially and psychologically, undermining our collective trust in others and the online services on which we all rely.

“Together with cyber crime, it makes up around 50% of all crime in England and Wales. Recognising the scale and nature of the threat, law enforcement are working evermore closely together, both here and overseas, to target the fraudsters and the technology they are exploiting.

“This operation again demonstrates that UK law enforcement has the capability and intent to identify, disrupt and completely compromise criminal services that are targeting the UK on an industrial scale.

“Alongside law enforcement action, we also encourage everyone to protect themselves and their online accounts, by creating strong, unique passwords, using two step verification if offered and activating their browser’s password manager. You can also visit the Stop Think Fraud website for lots of really useful advice.

“If you have doubts about a message or call, contact the organisation directly to check. Use contact details from their official website”.

Temporary Commander Oliver Shaw from City of London Police, said: “Collaborative operations like this are vitally important in the global fight against fraud and cyber crime.

“As the national lead force for fraud, we were able to support the operation by providing intelligence derived from reports made to Action Fraud. We continue to support the Metropolitan Police Service, Regional Organised Crime Units (ROCUs) and forces across the UK, to put cyber criminal fraudsters on the back foot.

“If you think you have been a victim of fraud, contact your bank immediately and report to Action Fraud at actionfraud.police.uk or call 0300 123 2040.”

Amy Hogan-Burney, General Manager, Cybersecurity Policy & Protection at Microsoft said: “Today’s action led by the United Kingdom’s Metropolitan Police Service shows the impact we can have in the fight against cybercrime when we work together. We must continue to work together and leverage the immense skills of industry and governments to defeat these threats.”

A spokesperson for the Cyber Defence Alliance said: “The partnership with the Cyber Defence Alliance and law enforcement continues to develop. We have together, once again, been able to disrupt a major international criminal platform and prevented more people falling victim to these scams.

“In the digital world we live in, our alliance will continue to work with law enforcement to combat the growing threat of online fraud which impacts millions of people across the globe.”

A man has been charged with offences relating to this matter.

Advertisement
General Atomics LB General Atomics LB
Jane Hunt MP introduced to 3DX-RAY AI innovation

Security

Jane Hunt MP introduced to 3DX-RAY AI innovation

20 May 2024

Provider of x-ray imaging systems for security and industrial inspection, 3DX-RAY Ltd, recently welcomed Jane Hunt MP to its Barrow Upon Soar facilty, where she saw how the company has integrated AI machine learning into its Axis-CXi mail screening X-ray system.

New Secure School set to reduce crime

Security

New Secure School set to reduce crime

17 May 2024

Serious young offenders are to be turned away from gangs and knife crime through rigorous education and training at the UK’s first Secure School.

Babcock signs UK Nuclear Skills Charter

Defence Security

Babcock signs UK Nuclear Skills Charter

16 May 2024

Babcock has reinforced its commitment to securing the critical nuclear skills the UK needs to deliver national security and energy resilience.

Dstl leads on UKMFC

Defence Security

Dstl leads on UKMFC

16 May 2024

The Defence Science and Technology Laboratory (Dstl) is leading on the creation of the United Kingdom Microbial Forensics Consortium (UKMFC).

Advertisement
Cranfield
New tech to combat criminal gangs in Albania and UK

Security

New tech to combat criminal gangs in Albania and UK

16 May 2024

A sophisticated network of UK-funded cameras worth £1.6 million has been installed on the Albania-Kosovo border to tackle illegal migration and criminal gangs.

Protection of AI models against cyber attacks enhanced

Security Events

Protection of AI models against cyber attacks enhanced

15 May 2024

New measures, anticipated to establish a global benchmark for enhancing the protection of AI models against hacking and sabotage, were unveiled today by the UK government.

Advertisement
ODU RT 2