The FBI Atlanta Field Office and Indonesian authorities have dismantled the W3LL phishing platform, arresting its alleged developer in the first US-Indonesia coordinated enforcement action against a phishing kit developer. W3LL was a full-service cybercrime marketplace selling phishing kits for $500 that could clone corporate login portals, bypass MFA via adversary-in-the-middle attacks, and steal session cookies. Between 2019 and 2024, the platform facilitated over 25,000 compromised account sales and targeted more than 17,000 victims worldwide, enabling over $20 million in attempted fraud. The kit was particularly used against Microsoft 365 accounts to support business email compromise attacks.
Table of contents
Related Articles:Sort: