Police Raid Ends Decade-Long Operation of PhaaS network BulletProftLink

A notorious Phishing-as-a-Service (PhaaS) network, known as BulletProftLink, has been seized by the Royal Malaysian Police in collaboration with the FBI and the Australian Federal Police.

The illicit platform has been operating since 2015, and managed to evade the cybersecurity community's notice until 2018. By then, it had gathered thousands of subscribers, including some paying hefty sums to access batches of stolen credentials.

Sophisticated Tools for Cybercriminals

BulletProftLink provided cybercriminals with over 300 phishing templates, making it easier for them to launch attacks.

The platform offered a range of services, including ready-made phishing kits, customization options, page hosting, reverse proxying, and credential-harvesting tools. These resources were crucial in enabling cybercriminals to execute sophisticated phishing attacks.

Joint International Effort Leads to Takedown

The joint operation involved several law enforcement agencies and culminated in the arrest of eight people on Nov. 6, including the alleged leader of the illicit marketplace.

Authorities also seized cryptocurrency wallets valued at about $213,000, along with jewelry, servers, vehicles, payment cards and computers. The confiscated servers are expected to provide vital insights into the operation and its users.

A Haven for Phishing Resources

BulletProftLink's platform boasted vast resources, including fake login pages for well-known companies such as DHL, Microsoft, American Express, and the Royal Bank of Canada.

The operation cunningly hosted some of these pages on legitimate platforms like Microsoft Azure or Google Cloud to bypass email security tools.

Another significant asset was access to Evilginx2, a reverse-proxying tool enabling AITM phishing attacks, which can bypass multi-factor authentication (MFA) measures.

Staying Safe from Phishing Attacks

1. Vigilance and Awareness: Always verify the authenticity of emails and websites before entering personal information. Look out for tell-tale signs of phishing, such as misspelled URLs or requests for sensitive information.
2. Use Specialized Software: Security solutions like Bitdefender Ultimate Security can protect you against phishing attacks and other digital threats.
3. Multi-Layer Security Measures: While MFA is essential, combining it with other security practices like regular password changes and secure browsing habits is recommended.
4. Secure Your Data: Regular backups and using encrypted data storage can minimize damage in case of a successful attack.