Police has shutdown one of the world’s largest phishing services; financial institutions in various countries were attacked

Ukrainian authorities announced the arrest of an individual identified as the main responsible for the development and maintenance of a set of tools for the deployment of sophisticated phishing campaigns widely popular in the cybercriminal community. This 39-year-old individual was arrested on February 4th thanks to the joint work of Ukrainian authorities with police agencies in Australia and the United States.

As you may remember, the term phishing refers to a set of tools and procedures used to deceive a computer system user, getting them to deliver sensitive information or access to a computer system.  

According to sources close to Ukrainian authorities, the defendant is the creator of uPanel, a powerful phishing tool also known as U-Admin. Cybersecurity specialist Fred HK has researched this toolkit for over a year, coming to interesting conclusions: “This is a control panel to receive records of phishing kits and control interaction with victims. Threat actors also use this tool with injections, which are snippets of code implanted in the victims’ browser, allowing them to collect more information from the target system.”

The specialist mentions that uPanel is sold through a hacking forum hosted on dark web in which the malware developer called himself “KAKTYS1010”, active at least since 2015. Those interested in launching phishing attacks could purchase a uPanel license for prices between $80 and $800, depending on the desired functions and scope of the attack.

Ukrainian authorities even released a video of the arrest:

Ukrainian authorities also seize multiple laptops and desktop computers, as well as some smartphones in the defendant’s residence; after the investigation, authorities mentioned that uPanel had about 200 active clients. On the active use of this toolkit, researchers believe that attacks using uPanel resulted in tens of millions of dollar losses in countries such as Germany, Australia, Spain, Chile, the United States, Mexico and the United Kingdom.

As an example of the scope of this tool, authorities mention that more than 50% of phishing attacks reported in Australia were deployed with uPanel. The report also mentions that the defendant is not only responsible for creating this tool, but was also dedicated to providing technical support to his clients and releasing updates for the tool.