The FBI announced Monday that it has “dismantled” a global phishing operation that allegedly helped hackers target more than 17,000 victims around the world.
The operation's website, known as W3LL, displayed a notice saying it had been seized by the FBI. The agency said it worked with Indonesian police on the takedown operation, which resulted in the detention of the alleged W3LL developer, identified only as GL, and the seizure of “key domains.”
Cybercriminals can purchase a W3LL phishing kit for $500, deploy a fake version of a website that mimics a legitimate service's login page, and steal passwords and multi-factor authentication codes from victims. According to the FBI, the phishing kit allowed cybercriminals to “attempt fraud of more than $20 million.”
The W3LL online marketplace also allowed criminals to buy and sell stolen credentials and gain access to hacked systems, “facilitating the sale of more than 25,000 compromised accounts,” the FBI said.
The FBI did not immediately respond to a request for comment for further information.