On April 18th, 2024, the Justice Department made a significant breakthrough in the fight against cybercrime by seizing four web domains that were instrumental in the creation of over 40,000 spoofed websites. These websites were designed to deceive unsuspecting victims and gather their personal information unlawfully. This operation led to the protection of more than a million individuals whose sensitive data was at risk of being misused. The swift action taken by the Justice Department signifies a strong commitment to combating online fraud and ensuring the safety and security of internet users. This achievement serves as a reminder of the ongoing efforts required to stay one step ahead of cybercriminals and safeguard the digital landscape for all.
According to court records, the United States has obtained legal permission to seize the domains associated with Lab-host.ru, a Russian internet infrastructure company. LabHost provided a subscription-based service that enabled customers to create and manage spoofed websites that resembled well-known businesses like Amazon, Netflix, and various banks. These fake websites were used to deceive unsuspecting victims into divulging their personal information, including their date of birth, email address, password, address, and credit card details. Court documents reveal that LabHost’s customers then used this stolen information to carry out unauthorized financial transactions, resulting in significant financial losses for the victims. The investigation uncovered that LabHost facilitated the creation of over 40,000 spoofed websites, storing more than one million user credentials and nearly half a million compromised credit card details.
“Together with our international partners, the Justice Department has disrupted another cybercrime scheme originating from Russia that enabled criminals to steal from over a million victims in the United States and around the world,” said Attorney General Merrick B. Garland. “I am grateful to the U.S. Attorney’s Office for the Western District of Pennsylvania, the FBI, and our partners at the Secret Service for their work on this case, and to our foreign law enforcement partners whose efforts have led to the arrests of dozens of LabHost administrators and users.”
“The theft of personal information—and the financial ruin that often follows—should never be just another cost of using the internet for ordinary citizens,” U.S. Attorney Olshan said. “Today’s domain seizures show that cybercriminals’ greed will not go unchecked—no matter their sophistication and geographic reach. We will continue to work with our domestic and foreign law enforcement partners, using all available tools, to protect the global public.”
“Seizing LabHost and arresting those involved will have a systemic impact on transnational cybercrime,” said Special Agent in Charge Timothy P. Burke, U.S. Secret Service Pittsburgh Field Office. “We are proud to work with our foreign and domestic law enforcement partners as we continue to counter those engaged in cybercrime.”
“Behind every cybercrime-as-a-service operation lurks one thing: financial devastation,” said FBI Pittsburgh Special Agent in Charge Kevin Rojek. “The FBI and our global partners will continue to aggressively pursue anyone who thinks they can get rich by stealing from hard-working Americans. Selling cybercrime tools has ripple effects that go far beyond the businesses and borders of America. With every theft and intrusion, the public loses more and more trust in our critical digital infrastructure.”