FBI takes out huge AI-powered phishing service: Outsider Enterprise was using over a million phishing URLs to steal credit card data and passwords

  • FBI dismantled Chinese PhaaS “Outsider Enterprise,” seizing servers, $100k USDT, and Telegram bot
  • Service ran ~9,000 fake sites, 1M+ URLs, stealing 3.8M credit cards and causing $1.9B losses
  • Google filed civil suit, says crooks blasted 2.5M fraudulent SMS in two weeks targeting Android users

The FBI has dismantled a major Chinese phishing-as-a-service (PhaaS) operation called Outsider Enterprise.

In an announcement, the law enforcement agency said it seized multiple administration servers, a Shopify e-commerce storefront, and an account the attackers used to test the PhaaS, mostly SMS-based lures.

The FBI also seized around $100,000 in USDT cryptocurrency, redirected thousands of phishing pages to an FBI announcement site, and seized a Telegram bot that was used to store the stolen information.

Google files a lawsuit

Phishing-as-a-Service is a model where threat actors rent a kit that allows them to easily create fake login pages spoofing major brands, as well as send spam emails and SMS messages in bulk and exfiltrate stolen files.

The FBI says this particular PhaaS was very popular in the cybercriminal community. It was active for roughly three years, was used to generate around 9,000 fake websites, as well as at least a million fraudulent URLs. Hackers used this PhaaS to steal more than 3.8 million credit card records, resulting in around $1.9 billion in losses.

This campaign was followed by legal action from Google, too. The search engine giant filed a civil lawsuit against the PhaaS’ infrastructure and is working with major telecommunications providers to block fraudulent messages before they reach their targets.

“Our civil lawsuit targets an organized cybercrime operation known as the 'Outsider Enterprise'. Based in China and coordinating through Telegram, this network distributes "phishing kits" that allow criminals to blast out fake text campaigns that look like they’re from Google and other trusted brands,” Google said.

Google claims that in just two weeks, crooks sent around 2.5 million fraudulent SMS messages to targets using Android devices. Users flagged just 55,000 of them as fraudulent.

Via BleepingComputer



Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
