The FBI announced on Monday that it “dismantled” a global phishing operation, which allegedly helped hackers target more than 17,000 victims around the world.
The operation’s website, known as W3LL, displayed a notice saying it had been seized by the FBI. The office said it worked with Indonesian police on the takedown operation, which resulted in the arrest of the alleged W3LL developer (identified only as GL) and the seizure of “key domains.”
Cybercriminals could purchase the W3LL phishing kit for $500 to deploy fake versions of websites that mimicked the login pages of legitimate services, allowing them to steal passwords and multi-factor authentication codes from victims. The phishing kit allowed cybercriminals to “attempt fraud of more than $20 million,” according to the FBI.
The W3LL online marketplace also allegedly allowed criminals to buy and sell stolen credentials and access to hacked systems, which “facilitated the sale of more than 25,000 compromised accounts,” the FBI said.
The FBI did not immediately respond to a request for comment and asked to provide more information.
